{"id":9249,"name":"erlef/setup-beam","ecosystem":"actions","repository_url":"https://github.com/erlef/setup-beam","issues_count":321,"created_at":"2025-06-06T22:32:24.746Z","updated_at":"2025-06-06T22:32:24.746Z","purl":"pkg:githubactions/erlef/setup-beam","metadata":{"id":6326053,"name":"erlef/setup-beam","ecosystem":"actions","description":"Set up a BEAM-based CI environment, supporting languages and tools such as Erlang/OTP, Elixir, Gleam, `rebar3`, and `hex`.\n","homepage":"","licenses":"mit","normalized_licenses":["MIT"],"repository_url":"https://github.com/erlef/setup-beam","keywords_array":[],"namespace":"erlef","versions_count":64,"first_release_published_at":"2019-08-28T21:10:34.000Z","latest_release_published_at":"2024-09-25T20:17:33.000Z","latest_release_number":"v1.18.2","last_synced_at":"2025-01-13T14:58:25.465Z","created_at":"2023-02-13T13:00:18.790Z","updated_at":"2025-01-13T14:58:25.466Z","registry_url":"https://github.com/erlef/setup-beam","install_command":null,"documentation_url":null,"metadata":{"name":"setup-beam","description":"Set up a BEAM-based CI environment, supporting languages and tools such as Erlang/OTP, Elixir, Gleam, `rebar3`, and `hex`.\n","author":"Erlang Ecosystem Foundation","branding":{"color":"blue","icon":"code"},"inputs":{"github-token":{"description":"A GitHub token used to access the GitHub REST API for retrieving release and version information. While this action will never perform anything more than read operations against the GitHub REST API, we do not recommend providing a self-generated personal access token which may provide more access than is required of this action. This input instead is merely a convenience so that users of this action do not have to manually pass an automatically generated token via their environment settings within a workflow. [Learn more about automatically generated tokens](https://docs.github.com/en/actions/security-guides/automatic-token-authentication)\n","default":"${{ github.token }}"},"otp-version":{"description":"Version range or exact version of Erlang/OTP to use, or false when installing only Gleam without OTP"},"elixir-version":{"description":"Version range or exact version of Elixir to use"},"gleam-version":{"description":"Version range or exact version of Gleam to use"},"install-hex":{"description":"Whether to install Hex (with mix local.hex when installing Elixir)","default":true},"install-rebar":{"description":"Whether to install Rebar (with mix local.rebar when installing Elixir)","default":true},"rebar3-version":{"description":"Version range or exact version of rebar3 to use (or nightly)"},"version-type":{"description":"strict means the versions are take as-are; loose means we try to guess versions based on semver rules","default":"loose"},"disable_problem_matchers":{"description":"whether to have the problem matchers present in the results (or not)","default":false},"version-file":{"description":"a versions file (e.g. as used by `asdf`), which defines inputs","default":""},"hexpm-mirrors":{"description":"mirror(s) for hex.pm, one per line","default":"https://builds.hex.pm\n"}},"outputs":{"elixir-version":{"description":"Exact version of Elixir that was installed"},"otp-version":{"description":"Exact version of Erlang/OTP that was installed"},"gleam-version":{"description":"Exact version of Gleam that was installed"},"rebar3-version":{"description":"Exact version of rebar3 that was installed"},"setup-beam-version":{"description":"The commit unique id of the execution action version"}},"runs":{"using":"node20","main":"dist/index.js"},"default_branch":"main","path":null},"repo_metadata":{"id":37615744,"uuid":"331103973","full_name":"erlef/setup-beam","owner":"erlef","description":"Set up your BEAM-based GitHub Actions workflow (Erlang, Elixir, Gleam, ...)","archived":false,"fork":false,"pushed_at":"2024-06-27T20:00:41.000Z","size":1969,"stargazers_count":349,"open_issues_count":8,"forks_count":50,"subscribers_count":13,"default_branch":"main","last_synced_at":"2024-06-27T23:06:36.211Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/erlef.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-19T20:40:48.000Z","updated_at":"2024-06-27T20:06:38.000Z","dependencies_parsed_at":"2024-01-13T01:16:02.334Z","dependency_job_id":"c42c803c-b823-4911-99ed-2cc83b5f5e29","html_url":"https://github.com/erlef/setup-beam","commit_stats":{"total_commits":170,"total_committers":22,"mean_commits":"7.7272727272727275","dds":0.6823529411764706,"last_synced_commit":"2595a954a1d3e255e0b1746055a1f4bf719b0ac9"},"previous_names":[],"tags_count":62,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/erlef","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":209036900,"owners_count":14952354,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"erlef","name":"The Erlang Ecosystem Foundation","uuid":"47606891","kind":"organization","description":"","email":null,"website":"https://erlef.org","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/47606891?v=4","repositories_count":28,"last_synced_at":"2024-04-14T02:47:20.500Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/erlef","funding_links":[],"total_stars":1140,"followers":98,"following":0,"created_at":"2022-11-12T06:24:08.132Z","updated_at":"2024-04-14T02:47:28.727Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/erlef","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/erlef/repositories"},"tags":[{"name":"v1.18","sha":"a6e26b22319003294c58386b6f25edbc7336819a","kind":"tag","published_at":"2024-06-23T19:13:34.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.18","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.18","dependencies_parsed_at":"2024-06-25T04:18:00.186Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.18/manifests"},{"name":"v1.18.0","sha":"a6e26b22319003294c58386b6f25edbc7336819a","kind":"commit","published_at":"2024-06-23T18:52:39.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.18.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.18.0","dependencies_parsed_at":"2024-06-25T04:18:00.190Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.18.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.18.0/manifests"},{"name":"v1.17.6","sha":"0a541161e47ec43ccbd9510053c5f336ca76c2a2","kind":"commit","published_at":"2024-05-31T15:29:11.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17.6","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17.6","dependencies_parsed_at":"2024-06-06T04:20:58.614Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.6/manifests"},{"name":"v1.17.5","sha":"2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c","kind":"commit","published_at":"2024-03-03T23:50:12.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17.5","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17.5","dependencies_parsed_at":"2024-03-06T04:24:00.466Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.5/manifests"},{"name":"v1.17.4","sha":"904c511e63061a8f501ae4b081ce2c0e9cfc70ab","kind":"commit","published_at":"2024-02-29T22:37:38.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17.4","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17.4","dependencies_parsed_at":"2024-03-02T04:06:49.434Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.4/manifests"},{"name":"v1.17.3","sha":"a23b1fc4452a892cf3e92cbc2c405256cd6c27ec","kind":"tag","published_at":"2024-02-16T22:31:39.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17.3","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17.3","dependencies_parsed_at":"2024-02-18T04:37:11.976Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.3/manifests"},{"name":"v1.17.2","sha":"8b9cac4c04dbcd7bf8fd673e16f988225d89b09b","kind":"tag","published_at":"2024-01-31T17:55:48.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17.2","dependencies_parsed_at":"2024-02-03T04:25:34.651Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.2/manifests"},{"name":"v1.17.1","sha":"b60baf47530760859821edca21cbcd3a1bd366cd","kind":"commit","published_at":"2024-01-17T23:37:13.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17.1","dependencies_parsed_at":"2024-01-19T04:09:25.048Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.1/manifests"},{"name":"v1.17","sha":"a34c98fd51e370b4d4981854aba1eb817ce4e483","kind":"tag","published_at":"2024-01-10T20:17:49.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17","dependencies_parsed_at":"2024-01-18T04:46:28.841Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17/manifests"},{"name":"v1.17.0","sha":"a34c98fd51e370b4d4981854aba1eb817ce4e483","kind":"tag","published_at":"2024-01-10T20:17:38.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.17.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.17.0","dependencies_parsed_at":"2024-01-18T04:46:28.816Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.17.0/manifests"},{"name":"v1.16","sha":"61e01a43a562a89bfc54c7f9a378ff67b03e4a21","kind":"tag","published_at":"2023-06-21T20:12:36.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.16","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.16","dependencies_parsed_at":"2023-07-20T20:34:16.232Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.16/manifests"},{"name":"v1.16.0","sha":"61e01a43a562a89bfc54c7f9a378ff67b03e4a21","kind":"tag","published_at":"2023-06-21T20:12:23.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.16.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.16.0","dependencies_parsed_at":"2023-07-20T20:34:12.448Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.16.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.16.0/manifests"},{"name":"v1.15.4","sha":"c2e02f777c158310fc6d3d4e11b36a52d2d52db8","kind":"tag","published_at":"2023-05-01T14:05:24.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.15.4","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.15.4","dependencies_parsed_at":"2023-07-20T20:34:16.056Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.4/manifests"},{"name":"v1.15.3","sha":"a255120a8298b1d3ebd952d84954db5471801f8f","kind":"tag","published_at":"2023-03-29T14:03:56.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.15.3","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.15.3","dependencies_parsed_at":"2023-07-20T20:34:12.714Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.3/manifests"},{"name":"v1.15.2","sha":"e3f6ffe2878180f57318bf13febd3933ee81f664","kind":"commit","published_at":"2023-01-06T16:14:27.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.15.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.15.2","dependencies_parsed_at":"2023-07-20T20:34:14.123Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.2/manifests"},{"name":"v1.15.1","sha":"c10774ce0f4adb77996edcc725050c161b3703cb","kind":"commit","published_at":"2023-01-04T07:35:12.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.15.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.15.1","dependencies_parsed_at":"2023-07-20T20:34:12.213Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.1/manifests"},{"name":"v1.15","sha":"b980a5ac9b7316a23ebc16de2bb69b7c3ad731b5","kind":"tag","published_at":"2022-11-22T22:42:17.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.15","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.15","dependencies_parsed_at":"2023-07-20T20:34:16.055Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15/manifests"},{"name":"v1.15.0","sha":"b980a5ac9b7316a23ebc16de2bb69b7c3ad731b5","kind":"tag","published_at":"2022-11-22T22:42:10.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.15.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.15.0","dependencies_parsed_at":"2023-07-20T20:33:25.501Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.15.0/manifests"},{"name":"v1.14","sha":"713cc2ffe3d38766349884daa5a1180763755855","kind":"tag","published_at":"2022-10-19T20:52:08.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.14","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.14","dependencies_parsed_at":"2023-07-20T20:33:25.828Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.14/manifests"},{"name":"v1.14.0","sha":"713cc2ffe3d38766349884daa5a1180763755855","kind":"tag","published_at":"2022-10-19T20:51:58.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.14.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.14.0","dependencies_parsed_at":"2023-07-20T20:33:25.117Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.14.0/manifests"},{"name":"v1","sha":"d85df626dd55cfc806e6b7593a0dfb2a465214a2","kind":"tag","published_at":"2022-09-16T17:26:09.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1","dependencies_parsed_at":"2023-07-20T20:34:16.111Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1/manifests"},{"name":"v1.13","sha":"d85df626dd55cfc806e6b7593a0dfb2a465214a2","kind":"tag","published_at":"2022-09-16T17:25:48.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.13","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.13","dependencies_parsed_at":"2023-07-20T20:33:26.395Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.13/manifests"},{"name":"v1.13.1","sha":"d85df626dd55cfc806e6b7593a0dfb2a465214a2","kind":"tag","published_at":"2022-09-16T17:25:34.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.13.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.13.1","dependencies_parsed_at":"2023-07-20T20:33:25.774Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.13.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.13.1/manifests"},{"name":"v1.13.0","sha":"6b2f8153b4b819accafd6aa10674dd245410e536","kind":"tag","published_at":"2022-09-13T07:23:28.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.13.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.13.0","dependencies_parsed_at":"2023-07-20T20:33:26.220Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.13.0/manifests"},{"name":"v1.12","sha":"69fb25ba7e2c546dfc085871ecf2fc5382c9843d","kind":"commit","published_at":"2022-08-01T12:23:47.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.12","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.12","dependencies_parsed_at":"2023-07-20T20:33:26.118Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.12/manifests"},{"name":"v1.12.0","sha":"69fb25ba7e2c546dfc085871ecf2fc5382c9843d","kind":"commit","published_at":"2022-08-01T12:23:47.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.12.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.12.0","dependencies_parsed_at":"2023-07-20T20:33:26.117Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.12.0/manifests"},{"name":"v1.11","sha":"10d50f70626dbb9c5174531ada017b8b4f14c215","kind":"tag","published_at":"2022-04-23T18:38:17.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.11","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.11","dependencies_parsed_at":"2023-07-20T20:33:25.944Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11/manifests"},{"name":"v1.11.2","sha":"10d50f70626dbb9c5174531ada017b8b4f14c215","kind":"commit","published_at":"2022-04-21T17:38:31.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.11.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.11.2","dependencies_parsed_at":"2023-07-20T20:33:25.443Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11.2/manifests"},{"name":"v1.11.1","sha":"2e0500f2a50c7f883e15eb4d0fa7dc15d2c458c1","kind":"tag","published_at":"2022-04-07T19:32:10.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.11.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.11.1","dependencies_parsed_at":"2023-07-20T20:33:25.045Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11.1/manifests"},{"name":"v1.11.0","sha":"c428d8c359c7a208a7471729c4a619c35780d541","kind":"tag","published_at":"2022-02-22T11:11:14.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.11.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.11.0","dependencies_parsed_at":"2023-07-20T20:33:25.849Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.11.0/manifests"},{"name":"v1.10","sha":"730ac65cba0700bad37c0744de4aa916c16bb728","kind":"tag","published_at":"2022-01-12T19:29:41.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.10","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.10","dependencies_parsed_at":"2023-07-20T20:33:25.465Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.10/manifests"},{"name":"v1.10.0","sha":"730ac65cba0700bad37c0744de4aa916c16bb728","kind":"tag","published_at":"2022-01-12T19:29:12.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.10.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.10.0","dependencies_parsed_at":"2023-07-20T20:33:26.174Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.10.0/manifests"},{"name":"v1.9","sha":"988e02bfe678367a02564f65ca2e37726dc0268f","kind":"tag","published_at":"2021-08-19T16:52:21.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.9","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.9","dependencies_parsed_at":"2023-07-20T20:33:25.795Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.9/manifests"},{"name":"v1.9.0","sha":"988e02bfe678367a02564f65ca2e37726dc0268f","kind":"commit","published_at":"2021-08-19T10:31:27.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.9.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.9.0","dependencies_parsed_at":"2023-07-20T20:33:25.654Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.9.0/manifests"},{"name":"v1.8","sha":"ade4f1d5676f98d7d890c87e6151f47340ac235c","kind":"tag","published_at":"2021-07-27T21:30:34.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.8","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.8","dependencies_parsed_at":"2023-07-20T20:33:25.807Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8/manifests"},{"name":"v1.8.3","sha":"ade4f1d5676f98d7d890c87e6151f47340ac235c","kind":"commit","published_at":"2021-07-20T19:08:24.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.8.3","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.8.3","dependencies_parsed_at":"2023-07-20T20:33:25.702Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.3/manifests"},{"name":"v1.8.2","sha":"9283f857f115cde44f2031cd545cad363fb5274d","kind":"tag","published_at":"2021-07-12T17:37:06.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.8.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.8.2","dependencies_parsed_at":"2023-07-20T20:33:25.843Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.2/manifests"},{"name":"v1.8.1","sha":"830642517cf03e22e8e8db5e80ace29342f5be28","kind":"tag","published_at":"2021-07-09T09:13:04.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.8.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.8.1","dependencies_parsed_at":"2023-07-20T20:33:25.398Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.1/manifests"},{"name":"v1.8.0","sha":"d8a37f5aac5697ad06bc85db417e9cd4e3b5c27d","kind":"tag","published_at":"2021-07-08T14:42:23.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.8.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.8.0","dependencies_parsed_at":"2023-07-20T20:33:26.360Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.8.0/manifests"},{"name":"v1.7.2","sha":"11d59b146c83dbe8215ca203ebe4aca822d443a7","kind":"commit","published_at":"2021-05-28T01:28:05.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.7.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.7.2","dependencies_parsed_at":"2023-07-20T14:04:13.315Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7.2/manifests"},{"name":"v1.7","sha":"11d59b146c83dbe8215ca203ebe4aca822d443a7","kind":"commit","published_at":"2021-05-28T01:28:05.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.7","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.7","dependencies_parsed_at":"2023-07-20T14:04:14.636Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7/manifests"},{"name":"v1.2","sha":"413f3328711062ca1a27f4c0cefa38a797a874ef","kind":"tag","published_at":"2021-05-14T23:33:25.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.2","dependencies_parsed_at":"2023-07-20T13:55:50.416Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2/manifests"},{"name":"v1.1","sha":"1a3c64091d474cbde0480f3d6b9be27ac85a1fb4","kind":"tag","published_at":"2021-05-14T23:33:04.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.1","dependencies_parsed_at":"2023-07-20T13:55:49.946Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.1/manifests"},{"name":"v1.0","sha":"45a82c0a5af423088acb72efa3b677d38af5b4bc","kind":"tag","published_at":"2021-05-14T23:32:46.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.0","dependencies_parsed_at":"2023-07-20T13:55:37.993Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.0/manifests"},{"name":"v1.7.1","sha":"b50aa182196c819a7dadaf531df48de189d84c56","kind":"tag","published_at":"2021-05-14T23:30:11.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.7.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.7.1","dependencies_parsed_at":"2023-07-20T14:04:13.309Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7.1/manifests"},{"name":"v1.4","sha":"584173361f39a00f77ffc37c6b9a090f9313605d","kind":"tag","published_at":"2021-05-06T20:54:44.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.4","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.4","dependencies_parsed_at":"2023-07-20T13:55:50.286Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4/manifests"},{"name":"v1.6","sha":"885971a72ed1f9240973bd92ab57af8c1aa68f24","kind":"tag","published_at":"2021-04-02T23:45:59.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.6","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.6","dependencies_parsed_at":"2023-07-20T13:55:49.901Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.6/manifests"},{"name":"v1.7.0","sha":"78d10b5f616e2f356ec1bba98260ea57001d2363","kind":"tag","published_at":"2021-04-02T23:32:43.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.7.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.7.0","dependencies_parsed_at":"2023-07-20T14:04:14.368Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.7.0/manifests"},{"name":"v1.6.0","sha":"885971a72ed1f9240973bd92ab57af8c1aa68f24","kind":"commit","published_at":"2021-01-21T14:20:44.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.6.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.6.0","dependencies_parsed_at":"2023-07-20T13:55:50.111Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.6.0/manifests"},{"name":"v1.5.0","sha":"3c118cec41f6c3bfc2c7f2aef9bec886ab0b2324","kind":"commit","published_at":"2020-11-17T13:29:07.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.5.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.5.0","dependencies_parsed_at":"2023-07-20T20:33:25.431Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.5.0/manifests"},{"name":"v1.5","sha":"3c118cec41f6c3bfc2c7f2aef9bec886ab0b2324","kind":"commit","published_at":"2020-11-17T13:29:07.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.5","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.5","dependencies_parsed_at":"2023-07-20T13:55:50.261Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.5/manifests"},{"name":"v1.4.2","sha":"584173361f39a00f77ffc37c6b9a090f9313605d","kind":"commit","published_at":"2020-09-29T16:02:50.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.4.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.4.2","dependencies_parsed_at":"2023-07-20T13:55:50.368Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4.2/manifests"},{"name":"v1.4.1","sha":"7a03a874e96e3aa8ee0626a0152bb1f9aeaa1be9","kind":"commit","published_at":"2020-09-17T16:14:31.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.4.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.4.1","dependencies_parsed_at":"2023-07-20T13:55:49.804Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4.1/manifests"},{"name":"v1.4.0","sha":"230dd25d80c9dc282a18834a6453c0217c466924","kind":"commit","published_at":"2020-08-05T15:02:48.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.4.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.4.0","dependencies_parsed_at":"2023-07-20T13:55:50.446Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.4.0/manifests"},{"name":"v1.3.0","sha":"2071beb570a53fb599fbd638d0a4f4577d57143d","kind":"commit","published_at":"2020-05-18T20:43:48.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.3.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.3.0","dependencies_parsed_at":"2023-07-20T13:55:50.443Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.3.0/manifests"},{"name":"v1.3","sha":"2071beb570a53fb599fbd638d0a4f4577d57143d","kind":"commit","published_at":"2020-05-18T20:43:48.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.3","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.3","dependencies_parsed_at":"2023-07-20T13:55:50.214Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.3/manifests"},{"name":"v1.2.2","sha":"413f3328711062ca1a27f4c0cefa38a797a874ef","kind":"commit","published_at":"2020-05-17T15:04:13.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.2.2","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.2.2","dependencies_parsed_at":"2023-07-20T13:55:50.519Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2.2/manifests"},{"name":"v1.2.1","sha":"67712d17154d46c94d32e763f856b6d48c294b9e","kind":"commit","published_at":"2020-05-14T17:44:09.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.2.1","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.2.1","dependencies_parsed_at":"2023-07-20T13:55:50.301Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2.1/manifests"},{"name":"v1.2.0","sha":"811b4b88e8793da6b78b8fdee26d97f85c823afd","kind":"commit","published_at":"2019-12-04T18:58:29.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.2.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.2.0","dependencies_parsed_at":"2023-07-20T13:55:50.480Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.2.0/manifests"},{"name":"v1.1.0","sha":"1a3c64091d474cbde0480f3d6b9be27ac85a1fb4","kind":"commit","published_at":"2019-12-02T19:18:45.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.1.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.1.0","dependencies_parsed_at":"2023-07-20T13:55:50.352Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.1.0/manifests"},{"name":"v1.0.0","sha":"45a82c0a5af423088acb72efa3b677d38af5b4bc","kind":"commit","published_at":"2019-08-28T21:10:34.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/v1.0.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/v1.0.0","dependencies_parsed_at":"2023-07-20T13:55:50.385Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/v1.0.0/manifests"},{"name":"1.0.0","sha":"45a82c0a5af423088acb72efa3b677d38af5b4bc","kind":"commit","published_at":"2019-08-28T21:10:34.000Z","download_url":"https://codeload.github.com/erlef/setup-beam/tar.gz/1.0.0","html_url":"https://github.com/erlef/setup-beam/releases/tag/1.0.0","dependencies_parsed_at":"2023-07-20T13:55:50.459Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Fsetup-beam/tags/1.0.0/manifests"}]},"repo_metadata_updated_at":"2024-06-27T23:15:19.790Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":1979,"rankings":{"downloads":null,"dependent_repos_count":0.5482490888924101,"dependent_packages_count":0.0,"stargazers_count":0.7542386309618127,"forks_count":1.6700998257011566,"docker_downloads_count":null,"average":0.7431468863888449},"purl":"pkg:githubactions/erlef/setup-beam","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/actions/erlef/setup-beam","docker_dependents_count":1,"docker_downloads_count":7185080,"usage_url":"https://repos.ecosyste.ms/usage/actions/erlef/setup-beam","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/actions/erlef/setup-beam/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/erlef%2Fsetup-beam/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/erlef%2Fsetup-beam/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/erlef%2Fsetup-beam/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/erlef%2Fsetup-beam/related_packages","maintainers":[],"registry":{"name":"github actions","url":"https://github.com/marketplace/actions/","ecosystem":"actions","default":true,"packages_count":31631,"maintainers_count":0,"namespaces_count":19972,"keywords_count":6683,"github":"actions","metadata":{"funded_packages_count":2966},"icon_url":"https://github.com/actions.png","created_at":"2023-01-03T17:16:39.185Z","updated_at":"2025-06-07T05:39:45.903Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/namespaces"}},"unique_repositories_count":147,"unique_repositories_count_past_30_days":5,"recent_issues":[{"uuid":"4510259779","node_id":"PR_kwDOSGY35c7et5XV","number":22,"state":"closed","title":"chore(deps): Bump the actions group with 12 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-24T05:50:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T02:31:09.000Z","updated_at":"2026-05-24T05:51:30.000Z","time_to_close":11982,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"actions","update_count":12,"packages":[{"name":"actions/checkout","old_version":"4.3.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.2.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/upload-artifact","old_version":"4.6.2","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/github-script","old_version":"8.0.0","new_version":"9.0.0","repository_url":"https://github.com/actions/github-script"}],"path":null,"ecosystem":"actions"},"body":"Updates the requirements on [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action), [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata), [erlef/setup-beam](https://github.com/erlef/setup-beam), [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/github-script](https://github.com/actions/github-script), [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent), [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain), [softprops/action-gh-release](https://github.com/softprops/action-gh-release), [Swatinem/rust-cache](https://github.com/swatinem/rust-cache), [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) and [actions/download-artifact](https://github.com/actions/download-artifact) to permit the latest version.\nUpdates `actions/checkout` from 4.3.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.3.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v4.32.6...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dependabot/fetch-metadata` from 2.2.0 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd permissions to all workflows by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/687\"\u003edependabot/fetch-metadata#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 16.0.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/690\"\u003edependabot/fetch-metadata#690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/693\"\u003edependabot/fetch-metadata#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.10 to 1.19.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/694\"\u003edependabot/fetch-metadata#694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.7 to 4.12.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/695\"\u003edependabot/fetch-metadata#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDynamically update the tracking tag in action by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/696\"\u003edependabot/fetch-metadata#696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: handle duplicate dependency names in parseMetadataLinks by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove $ anchor from updateFragment regex to handle pip directory suffixes by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/698\"\u003edependabot/fetch-metadata#698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates to README for permissions clarification by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/697\"\u003edependabot/fetch-metadata#697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve update-type null for Python, Composer, and Terraform PRs by \u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 17.4.0 to 17.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/703\"\u003edependabot/fetch-metadata#703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/701\"\u003edependabot/fetch-metadata#701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/702\"\u003edependabot/fetch-metadata#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.12 to 4.12.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/705\"\u003edependabot/fetch-metadata#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev3.1.0 by \u003ca href=\"https://github.com/fetch-metadata-action-automation\"\u003e\u003ccode\u003e@​fetch-metadata-action-automation\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/692\"\u003edependabot/fetch-metadata#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/dbb049abf0d677abbd7f7eee0375145b417fdd34...25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1.20.4...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4.6.2 to 7.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the readme with direct upload details by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/795\"\u003eactions/upload-artifact#795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: bump all the example versions to v7 by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/796\"\u003eactions/upload-artifact#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude changes in typespec/ts-http-runtime 0.3.5 by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/797\"\u003eactions/upload-artifact#797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v7...v7.0.1\"\u003ehttps://github.com/actions/upload-artifact/compare/v7...v7.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 8.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See \u003ca href=\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating additional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and examples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The \u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is automatically appended to the user-agent string for request tracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire('@actions/github')\u003c/code\u003e no longer works in scripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9 (ESM-only) means \u003ccode\u003erequire('@actions/github')\u003c/code\u003e will fail at runtime. If you previously used patterns like \u003ccode\u003econst { getOctokit } = require('@actions/github')\u003c/code\u003e to create secondary clients, use the new injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it's available directly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter. Scripts that declare \u003ccode\u003econst getOctokit = ...\u003c/code\u003e or \u003ccode\u003elet getOctokit = ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because JavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e redeclaration of function parameters. Use the injected \u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit = ...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals beyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you may need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade \u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and related packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e from actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e merge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e chore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e from actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e ci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e ci: use deployment: false to suppress deployment noise from integration tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://g...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/natsci-studio/pull/22","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fnatsci-studio/issues/22","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/22/packages"},{"uuid":"4469171413","node_id":"PR_kwDOQ0Eyfs7cpsv6","number":9,"state":"open","title":"chore(deps): bump the actions group with 13 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T12:40:23.000Z","updated_at":"2026-05-19T05:02:38.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":13,"packages":[{"name":"actions/checkout","old_version":"4.1.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"haskell-actions/setup","old_version":"2.7.5","new_version":"2.11.0","repository_url":"https://github.com/haskell-actions/setup"},{"name":"actions/cache","old_version":"4.0.2","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"actions/configure-pages","old_version":"5.0.0","new_version":"6.0.0","repository_url":"https://github.com/actions/configure-pages"},{"name":"actions/upload-pages-artifact","old_version":"3.0.1","new_version":"5.0.0","repository_url":"https://github.com/actions/upload-pages-artifact"},{"name":"actions/deploy-pages","old_version":"4.0.5","new_version":"5.0.0","repository_url":"https://github.com/actions/deploy-pages"},{"name":"erlef/setup-beam","old_version":"1.18.2","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.35.5","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.2.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"actions/upload-artifact","old_version":"4.6.2","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/github-script","old_version":"8.0.0","new_version":"9.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.93.8","new_version":"3.95.3","repository_url":"https://github.com/trufflesecurity/trufflehog"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 13 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `6.0.2` |\n| [haskell-actions/setup](https://github.com/haskell-actions/setup) | `2.7.5` | `2.11.0` |\n| [actions/cache](https://github.com/actions/cache) | `4.0.2` | `5.0.5` |\n| [actions/configure-pages](https://github.com/actions/configure-pages) | `5.0.0` | `6.0.0` |\n| [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `3.0.1` | `5.0.0` |\n| [actions/deploy-pages](https://github.com/actions/deploy-pages) | `4.0.5` | `5.0.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.18.2` | `1.24.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.35.5` |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.2.0` | `3.1.0` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` |\n| [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.0` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.93.8` | `3.95.3` |\n\nUpdates `actions/checkout` from 4.1.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.1.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haskell-actions/setup` from 2.7.5 to 2.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haskell-actions/setup/releases\"\u003ehaskell-actions/setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.0\u003c/h2\u003e\n\u003cp\u003eGHC: try ghcup first, choco only as fallback\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd GHC 9.12.4 and Stack 3.9.3 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/142\"\u003ehaskell-actions/setup#142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump softprops/action-gh-release from 2 to 3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/143\"\u003ehaskell-actions/setup#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHC: try ghcup first, choco only as fallback by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/144\"\u003ehaskell-actions/setup#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.3...v2.11.0\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.3...v2.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.4\u003c/h2\u003e\n\u003cp\u003eAdd GHC 9.12.4 and Stack 3.9.3\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd GHC 9.12.4 and Stack 3.9.3 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/142\"\u003ehaskell-actions/setup#142\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.3...v2.10.4\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.3...v2.10.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.3\u003c/h2\u003e\n\u003cp\u003eAdd Stack 3.9.1\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Stack 3.9.1 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/138\"\u003ehaskell-actions/setup#138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.2\u003c/h2\u003e\n\u003cp\u003eRemove GHCup vanilla channel from defaults\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove GHCup vanilla channel from defaults by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/137\"\u003ehaskell-actions/setup#137\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/cd0d9bdd65b20557f41bea4dbe43d0b5fbbfe553\"\u003e\u003ccode\u003ecd0d9bd\u003c/code\u003e\u003c/a\u003e GHC: try ghcup first, choco only as fallback\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/4568e6457136c6847fb753cd5ae28b2ba3b42798\"\u003e\u003ccode\u003e4568e64\u003c/code\u003e\u003c/a\u003e Bump softprops/action-gh-release from 2 to 3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/de26526e12bc780fb9d384c1fb61c0bf02e3a40d\"\u003e\u003ccode\u003ede26526\u003c/code\u003e\u003c/a\u003e Add GHC 9.12.4 and Stack 3.9.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/f9150cb1d140e9a9271700670baa38991e6fa25c\"\u003e\u003ccode\u003ef9150cb\u003c/code\u003e\u003c/a\u003e Add Stack 3.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/dc63c94789664bb2910876ec3dfeeaa24d23b96b\"\u003e\u003ccode\u003edc63c94\u003c/code\u003e\u003c/a\u003e Remove GHCup vanilla channel from defaults\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/7786314267139caaaf743fbdb70341b116a8d25d\"\u003e\u003ccode\u003e7786314\u003c/code\u003e\u003c/a\u003e await addGhcupReleaseChannel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/57571745c639e06be44b0a6a5874b874eb8ba392\"\u003e\u003ccode\u003e5757174\u003c/code\u003e\u003c/a\u003e Move all ghcup-add-channel commands into same group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/ca45ec3f5855d88df81d141f6bbe87cf96aa7ede\"\u003e\u003ccode\u003eca45ec3\u003c/code\u003e\u003c/a\u003e Remove broken GHC 9.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/eb29c237a18b47554a426cb75d69844f689dc049\"\u003e\u003ccode\u003eeb29c23\u003c/code\u003e\u003c/a\u003e Use GHCup vanilla and prereleases channels by default\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/243ff44acce6b550747dcb4b9fa8a960b76e3fb0\"\u003e\u003ccode\u003e243ff44\u003c/code\u003e\u003c/a\u003e Add GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haskell-actions/setup/compare/ec49483bfc012387b227434aba94f59a6ecd0900...cd0d9bdd65b20557f41bea4dbe43d0b5fbbfe553\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 4.0.2 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.3\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev.5.0.2\u003c/h2\u003e\n\u003ch1\u003ev5.0.2\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eWhen creating cache entries, 429s returned from the cache service will not be retried.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cstrong\u003e\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eIf you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch1\u003ev5.0.1\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/v4.0.2...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/configure-pages` from 5.0.0 to 6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/configure-pages/releases\"\u003eactions/configure-pages's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node 24 \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/186\"\u003e#186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade IA Publish \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/165\"\u003e#165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/163\"\u003e#163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epin draft release version \u003ca href=\"https://github.com/YiMysty\"\u003e\u003ccode\u003e@​YiMysty\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump espree from 9.6.1 to 10.1.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump eslint-config-prettier from 8.8.0 to 9.1.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBe more friendly to Dependabot \u003ca href=\"https://github.com/yoannchaudet\"\u003e\u003ccode\u003e@​yoannchaudet\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-github from 4.10.2 to 5.0.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.3 to 5.28.4 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee details of \u003ca href=\"https://github.com/actions/configure-pages/compare/v5.0.0...v5.0.1\"\u003eall code changes\u003c/a\u003e since previous release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/45bfe0192ca1faeb007ade9deae92b16b8254a0d\"\u003e\u003ccode\u003e45bfe01\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/186\"\u003e#186\u003c/a\u003e from salmanmkc/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/d8770c2b3b71963902cec525cf516368b4411a78\"\u003e\u003ccode\u003ed8770c2\u003c/code\u003e\u003c/a\u003e Update Node version from 20 to 24 in action.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/cb8a1a32801e6cdb7b111ce13761226bba88f67d\"\u003e\u003ccode\u003ecb8a1a3\u003c/code\u003e\u003c/a\u003e upgrade to node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/d5606572c479bee637007364c6b4800ac4fc8573\"\u003e\u003ccode\u003ed560657\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/165\"\u003e#165\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/35e0ac4e4038e070ce9da26f41143bc3cf3c7e1d\"\u003e\u003ccode\u003e35e0ac4\u003c/code\u003e\u003c/a\u003e Upgrade IA Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/1dfbcbff6519463927204dc279c2e0d307824ee2\"\u003e\u003ccode\u003e1dfbcbf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/163\"\u003e#163\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/2f4f988792f75a5edcc39df0e1661f78999e0348\"\u003e\u003ccode\u003e2f4f988\u003c/code\u003e\u003c/a\u003e Add workflow file for publishing releases to immutable action package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/0d7570ca8762e8c951911e8c9655d8973cc93174\"\u003e\u003ccode\u003e0d7570c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/162\"\u003e#162\u003c/a\u003e from actions/pin-draft-release-verssion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/3ea19669a5cd11c46d23d6578d088b81fe8527e5\"\u003e\u003ccode\u003e3ea1966\u003c/code\u003e\u003c/a\u003e pin draft release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/aabcbc432d6b06d1fd5e8bf3cf756880c35e014d\"\u003e\u003ccode\u003eaabcbc4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/160\"\u003e#160\u003c/a\u003e from actions/dependabot/npm_and_yarn/espree-10.1.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/configure-pages/compare/983d7736d9b0ae728b81ab479565c72886d7745b...45bfe0192ca1faeb007ade9deae92b16b8254a0d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-pages-artifact` from 3.0.1 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-pages-artifact/releases\"\u003eactions/upload-pages-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate upload-artifact action to version 7 \u003ca href=\"https://github.com/Tom-van-Woudenberg\"\u003e\u003ccode\u003e@​Tom-van-Woudenberg\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/139\"\u003e#139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: add \u003ccode\u003einclude-hidden-files\u003c/code\u003e input \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/137\"\u003e#137\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee details of \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/v4.0.0...v4.0.1\"\u003eall code changes\u003c/a\u003e since previous release.\u003c/p\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePotentially breaking change: hidden files (specifically dotfiles) will not be included in the artifact by \u003ca href=\"https://github.com/tsusdere\"\u003e\u003ccode\u003e@​tsusdere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/102\"\u003eactions/upload-pages-artifact#102\u003c/a\u003e\nIf you need to include dotfiles in your artifact: instead of using this action, create your own artifact according to these requirements \u003ca href=\"https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\"\u003ehttps://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA by \u003ca href=\"https://github.com/heavymachinery\"\u003e\u003ccode\u003e@​heavymachinery\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/127\"\u003eactions/upload-pages-artifact#127\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\"\u003ehttps://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/fc324d3547104276b827a68afc52ff2a11cc49c9\"\u003e\u003ccode\u003efc324d3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/139\"\u003e#139\u003c/a\u003e from Tom-van-Woudenberg/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/fe9d4b7d84090e1d8d9c53a0236f810d4e00d2c3\"\u003e\u003ccode\u003efe9d4b7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/0ca16172ca884f0a37117fed41734f29784cc980\"\u003e\u003ccode\u003e0ca1617\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/137\"\u003e#137\u003c/a\u003e from jonchurch/include-hidden-files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/57f0e8492b437b7818227931fef2faa1a379839b\"\u003e\u003ccode\u003e57f0e84\u003c/code\u003e\u003c/a\u003e Update action.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/4a90348b2933470dc78cec55534259872a6d3c0d\"\u003e\u003ccode\u003e4a90348\u003c/code\u003e\u003c/a\u003e v7 --\u0026gt; hash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/56f665a6f297fa95f8d735b314187fb2d7764569\"\u003e\u003ccode\u003e56f665a\u003c/code\u003e\u003c/a\u003e Update upload-artifact action to version 7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/f7615f5917213b24245d49ba96693d0f5375a414\"\u003e\u003ccode\u003ef7615f5\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003einclude-hidden-files\u003c/code\u003e input\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/7b1f4a764d45c48632c6b24a0339c27f5614fb0b\"\u003e\u003ccode\u003e7b1f4a7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/127\"\u003e#127\u003c/a\u003e from heavymachinery/pin-sha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/4cc19c7d3f3e6c87c68366501382a03c8b1ba6db\"\u003e\u003ccode\u003e4cc19c7\u003c/code\u003e\u003c/a\u003e Pin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/2d163be3ddce01512f3eea7ac5b7023b5d643ce1\"\u003e\u003ccode\u003e2d163be\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/107\"\u003e#107\u003c/a\u003e from KittyChiu/main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/56afc609e74202658d3ffba0e8f6dda462b719fa...fc324d3547104276b827a68afc52ff2a11cc49c9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/deploy-pages` from 4.0.5 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/deploy-pages/releases\"\u003eactions/deploy-pages's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version to 24.x \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group across 1 directory \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/360\"\u003e#360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake the rebuild dist workflow work nicer with Dependabot \u003ca href=\"https://github.com/yoannchaudet\"\u003e\u003ccode\u003e@​yoannchaudet\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the non-breaking-changes group across 1 directory with 3 updates \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/358\"\u003e#358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDelete repeated sentence \u003ca href=\"https://github.com/garethsb\"\u003e\u003ccode\u003e@​garethsb\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate README.md \u003ca href=\"https://github.com/tsusdere\"\u003e\u003ccode\u003e@​tsusdere\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/348\"\u003e#348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the non-breaking-changes group with 4 updates \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/341\"\u003e#341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove error message for file permissions \u003ca href=\"https://github.com/TooManyBees\"\u003e\u003ccode\u003e@​TooManyBees\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/340\"\u003e#340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eSee details of \u003ca href=\"https://github.com/actions/deploy-pages/compare/v4.0.5...v4.0.6\"\u003eall code changes\u003c/a\u003e since previous release.\u003c/p\u003e\n\u003cp\u003e:warning: For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the \u003ca href=\"https://github.com/actions/deploy-pages/#compatibility\"\u003ecompatibility table\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/cd2ce8fcbc39b97be8ca5fce6e763baed58fa128\"\u003e\u003ccode\u003ecd2ce8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/404\"\u003e#404\u003c/a\u003e from salmanmkc/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/bbe2a950ee52d4f5cbe74e6d9d6a8803676e91d5\"\u003e\u003ccode\u003ebbe2a95\u003c/code\u003e\u003c/a\u003e Update Node.js version to 24.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/854d7aa1b99e4509c4d1b53d69b7ba4eaf39215a\"\u003e\u003ccode\u003e854d7aa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/374\"\u003e#374\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/306bb814f29679fd12f0e4b0014bc1f3a7e7f4bc\"\u003e\u003ccode\u003e306bb81\u003c/code\u003e\u003c/a\u003e Add workflow file for publishing releases to immutable action package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/b74272834adc04f971da4b0b055c49fa8d7f90c9\"\u003e\u003ccode\u003eb742728\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/360\"\u003e#360\u003c/a\u003e from actions/dependabot/npm_and_yarn/npm_and_yarn-513...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/72732942c639e67ea3f70165fd2e012dd6d95027\"\u003e\u003ccode\u003e7273294\u003c/code\u003e\u003c/a\u003e Bump braces in the npm_and_yarn group across 1 directory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/963791f01c40ef3eff219c255dbfb97a6f2c9f87\"\u003e\u003ccode\u003e963791f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/361\"\u003e#361\u003c/a\u003e from actions/dependabot-friendly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/51bb29d9d7bfe15d731c4957ce1887b5ae8c6727\"\u003e\u003ccode\u003e51bb29d\u003c/code\u003e\u003c/a\u003e Make the rebuild dist workflow safer for Dependabot\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/89f3d10406f57ee86e6517a982b3fb0438bd6dc5\"\u003e\u003ccode\u003e89f3d10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/358\"\u003e#358\u003c/a\u003e from actions/dependabot/npm_and_yarn/non-breaking-cha...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/bce735589bbbfa569f1d2ac003277b590d743e4c\"\u003e\u003ccode\u003ebce7355\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/deploy-pages/compare/d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e...cd2ce8fcbc39b97be8ca5fce6e763baed58fa128\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.18.2 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1.18.2...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.35.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/seamstress/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fseamstress/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4366846053","node_id":"PR_kwDOPiJIA87XioU4","number":41,"state":"closed","title":"deps: Bump the actions group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-14T00:41:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-01T21:57:49.000Z","updated_at":"2026-05-14T00:41:08.000Z","time_to_close":1046597,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"actions","update_count":8,"packages":[{"name":"step-security/harden-runner","old_version":"2.14.2","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"},{"name":"KineticCafe/actions-dco","old_version":"2.0.0","new_version":"2.1.1","repository_url":"https://github.com/kineticcafe/actions-dco"},{"name":"actions/checkout","old_version":"6.0.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"actions/dependency-review-action","old_version":"4.8.2","new_version":"4.9.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/cache","old_version":"5.0.1","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"reviewdog/action-actionlint","old_version":"1.69.1","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"zizmorcore/zizmor-action","old_version":"0.3.0","new_version":"0.5.3","repository_url":"https://github.com/zizmorcore/zizmor-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.2` | `2.19.0` |\n| [KineticCafe/actions-dco](https://github.com/kineticcafe/actions-dco) | `2.0.0` | `2.1.1` |\n| [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.2` | `4.9.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.20.4` | `1.24.0` |\n| [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.5` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.69.1` | `1.72.0` |\n| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.3.0` | `0.5.3` |\n\n\nUpdates `step-security/harden-runner` from 2.14.2 to 2.19.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/5ef0c079ce82195b2a36a210272d6b661572d83e...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `KineticCafe/actions-dco` from 2.0.0 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kineticcafe/actions-dco/releases\"\u003eKineticCafe/actions-dco's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: bump actions/checkout from 5.0.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/197\"\u003eKineticCafe/actions-dco#197\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump actions/setup-node from 6.0.0 to 6.1.0 in the actions group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/200\"\u003eKineticCafe/actions-dco#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/KineticCafe/actions-dco/compare/v2.1.0...v2.1.1\"\u003ehttps://github.com/KineticCafe/actions-dco/compare/v2.1.0...v2.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: Bump pnpm/action-setup from 4.1.0 to 4.2.0 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/189\"\u003eKineticCafe/actions-dco#189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump actions/upload-artifact from 4.6.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/192\"\u003eKineticCafe/actions-dco#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump actions/setup-node from 5.0.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/190\"\u003eKineticCafe/actions-dco#190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump the bundler group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/191\"\u003eKineticCafe/actions-dco#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump js-yaml from 4.1.0 to 4.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/193\"\u003eKineticCafe/actions-dco#193\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Escape the \u003ccode\u003ereason\u003c/code\u003e in the summary table by \u003ca href=\"https://github.com/halostatue\"\u003e\u003ccode\u003e@​halostatue\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/199\"\u003eKineticCafe/actions-dco#199\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/KineticCafe/actions-dco/compare/v2.0.0...v2.1.0\"\u003ehttps://github.com/KineticCafe/actions-dco/compare/v2.0.0...v2.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/KineticCafe/actions-dco/blob/main/Changelog.md\"\u003eKineticCafe/actions-dco's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eKineticCafe/actions-dco Changelog\u003c/h1\u003e\n\u003ch2\u003e2.1.0 / 2025-12-17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgraded dependencies.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded a possible workaround to \u003ca href=\"https://redirect.github.com/kineticcafe/actions-dco/issues/198\"\u003e#198\u003c/a\u003e[issue-198].\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.0 / 2025-10-17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgraded dependencies and set runtime as Node v24.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.8 / 2025-09-07\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.7 / 2025-08-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump version number as it was forgotten for 1.3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.6 / 2025-08-17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade dependencies.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded debug logs to try to debug \u003ca href=\"https://redirect.github.com/kineticcafe/actions-dco/issues/169\"\u003e#169\u003c/a\u003e[issue-169].\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChange \u003ccode\u003egitSignoffs\u003c/code\u003e to use \u003ccode\u003eString.prototype.matchAll()\u003c/code\u003e instead of\n\u003ccode\u003eRegexp.prototype.exec()\u003c/code\u003e, and to use named capture groups. While I don't\nexpect this to fix \u003ca href=\"https://redirect.github.com/kineticcafe/actions-dco/issues/169\"\u003e#169\u003c/a\u003e[issue-169] based on the example data provided, it\nshould result in improved pattern matching across multiple commits.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.5 / 2025-08-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.4 / 2025-03-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.3 / 2025-02-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies, resolving a potential security issue.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.2 / 2024-12-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.1 / 2024-11-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/6e1652ef3027ce128e65e6edd215ae053350bd16\"\u003e\u003ccode\u003e6e1652e\u003c/code\u003e\u003c/a\u003e chore: Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/cd037df4d37aecd7cf7401e9a4a7ab89da941be4\"\u003e\u003ccode\u003ecd037df\u003c/code\u003e\u003c/a\u003e deps: bump actions/setup-node in the actions group across 1 directory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/07b1ace348de5211cb9d258b6ca14cd7eff24a0d\"\u003e\u003ccode\u003e07b1ace\u003c/code\u003e\u003c/a\u003e chore: Update dist to try to fix a token issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/b256b18a6f7ade986e2f6f10ae4e2ca150e23671\"\u003e\u003ccode\u003eb256b18\u003c/code\u003e\u003c/a\u003e deps: bump actions/checkout from 5.0.0 to 6.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/76b7fc30ff5988e68d01ea07deeaf7e71256598f\"\u003e\u003ccode\u003e76b7fc3\u003c/code\u003e\u003c/a\u003e fix: Escape the \u003ccode\u003ereason\u003c/code\u003e in the summary table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/bc076f26f1031526c102fc674c5e9daf3bd0069a\"\u003e\u003ccode\u003ebc076f2\u003c/code\u003e\u003c/a\u003e deps: Update dist/ after dependabot update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/3899b64419b9540830bf21edb396445324baface\"\u003e\u003ccode\u003e3899b64\u003c/code\u003e\u003c/a\u003e deps: Add autofix capability to Dependabot PRs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/dc1cf81203f802ca4782e0134bbad6c449eb4fe9\"\u003e\u003ccode\u003edc1cf81\u003c/code\u003e\u003c/a\u003e deps: bump js-yaml from 4.1.0 to 4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/28c71a1f4cb5ffb179e8aac7a3f2df6f90e12a72\"\u003e\u003ccode\u003e28c71a1\u003c/code\u003e\u003c/a\u003e deps: bump the bundler group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/7fc90a9ac55ce37431299c5245bd64aabf864f05\"\u003e\u003ccode\u003e7fc90a9\u003c/code\u003e\u003c/a\u003e deps: bump actions/setup-node from 5.0.0 to 6.0.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kineticcafe/actions-dco/compare/cd9508e5ae82413fbd74b20af21551db0ea3eb78...6e1652ef3027ce128e65e6edd215ae053350bd16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/checkout` from 6.0.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.8.2 to 4.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github/codeql-action from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1003\"\u003eactions/dependency-review-action#1003\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1005\"\u003eactions/dependency-review-action#1005\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade glob to address a vulnerability by \u003ca href=\"https://github.com/brrygrdn\"\u003e\u003ccode\u003e@​brrygrdn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1024\"\u003eactions/dependency-review-action#1024\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1020\"\u003eactions/dependency-review-action#1020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAddressing vulnerabilities by \u003ca href=\"https://github.com/Ahmed3lmallah\"\u003e\u003ccode\u003e@​Ahmed3lmallah\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1036\"\u003eactions/dependency-review-action#1036\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.3 to 5.3.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1050\"\u003eactions/dependency-review-action#1050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.5 to 5.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1053\"\u003eactions/dependency-review-action#1053\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperly truncate long summaries and catch errors by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1052\"\u003eactions/dependency-review-action#1052\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-expression-parse from 3.0.1 to 4.0.0 in the spdx-licenses group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/931\"\u003eactions/dependency-review-action#931\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChanges for Release 4.8.3 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1054\"\u003eactions/dependency-review-action#1054\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/2031cfc080254a8a887f58cffee85186f0e49e48\"\u003e\u003ccode\u003e2031cfc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1064\"\u003e#1064\u003c/a\u003e from actions/ahpook/release-4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/d02fa39f790d6e8a4ecafab5848251ff12c20df7\"\u003e\u003ccode\u003ed02fa39\u003c/code\u003e\u003c/a\u003e Updates for release 4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/4038a34c4b30f7c11a7d45dc8dbea40e2211aa27\"\u003e\u003ccode\u003e4038a34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1021\"\u003e#1021\u003c/a\u003e from actions/dependabot/github_actions/actions/check...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a632b8386b2cc2b1b99427606b513f7632d27e91\"\u003e\u003ccode\u003ea632b83\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1058\"\u003e#1058\u003c/a\u003e from actions/dependabot/github_actions/actions/stale...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/57a3d46a7be2c2e259fa3284ffc501296337f2ac\"\u003e\u003ccode\u003e57a3d46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1060\"\u003e#1060\u003c/a\u003e from jantiebot/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/5ecdc4b5781cdabdfe233d6e58ec18eac23e275d\"\u003e\u003ccode\u003e5ecdc4b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1045\"\u003e#1045\u003c/a\u003e from forks-felickz/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e8c2f9a12c568d6f36f8d3a9935a6c71afc691f5\"\u003e\u003ccode\u003ee8c2f9a\u003c/code\u003e\u003c/a\u003e fix: remove inferrable type annotation to pass eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/0e129e113c878bfe7c1abf6c6d94b180cbf71086\"\u003e\u003ccode\u003e0e129e1\u003c/code\u003e\u003c/a\u003e Prettier  - Refactor summary table rendering for improved readability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/aa60746a920d63ce55376f67d381e15edd3a714d\"\u003e\u003ccode\u003eaa60746\u003c/code\u003e\u003c/a\u003e Add 'show-patched-versions' option to configuration and update summary handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e4047984002250b82268ac37f613ab74366e1d85\"\u003e\u003ccode\u003ee404798\u003c/code\u003e\u003c/a\u003e Merge upstream actions/dependency-review-action main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261...2031cfc080254a8a887f58cffee85186f0e49e48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 5.0.1 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.3\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev.5.0.2\u003c/h2\u003e\n\u003ch1\u003ev5.0.2\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eWhen creating cache entries, 429s returned from the cache service will not be retried.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `reviewdog/action-actionlint` from 1.69.1 to 1.72.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/reviewdog/action-actionlint/releases\"\u003ereviewdog/action-actionlint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.72.0\u003c/h2\u003e\n\u003cp\u003ev1.72.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e - chore(deps): update actionlint to 1.7.12\u003c/p\u003e\n\u003ch2\u003eRelease v1.71.0\u003c/h2\u003e\n\u003cp\u003ev1.71.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/193\"\u003e#193\u003c/a\u003e - chore(deps): update actionlint to 1.7.11\u003c/p\u003e\n\u003ch2\u003eRelease v1.70.0\u003c/h2\u003e\n\u003cp\u003ev1.70.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/191\"\u003e#191\u003c/a\u003e - chore(deps): update actionlint to 1.7.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003e\u003ccode\u003e6fb7acc\u003c/code\u003e\u003c/a\u003e bump v1.72.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/b2a904a8c140063d06dc5319ba69a672d7a4909d\"\u003e\u003ccode\u003eb2a904a\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into releases/v1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/5eaffa19a1991ecc52b11eddcdd57760d1ac7e3d\"\u003e\u003ccode\u003e5eaffa1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e from reviewdog/depup/actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/39a67548aa7718c321746aa5a54a9e8034505cde\"\u003e\u003ccode\u003e39a6754\u003c/code\u003e\u003c/a\u003e chore(deps): update actionlint to 1.7.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/d39025c0fb1cc41ac827852403ea94804b0e6907\"\u003e\u003ccode\u003ed39025c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/195\"\u003e#195\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/2e8272d25ca2b89be8abc6a0b65c8c5e8a5eae05\"\u003e\u003ccode\u003e2e8272d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/194\"\u003e#194\u003c/a\u003e from reviewdog/renovate/docker-setup-qemu-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/128d9b7b1e43f8eaef5602138f5c9f80ee3c3149\"\u003e\u003ccode\u003e128d9b7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/190\"\u003e#190\u003c/a\u003e from reviewdog/renovate/shogo82148-actions-create-rel...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/1674e4f79a2bf9c94d1d301e60b8f8226eea0137\"\u003e\u003ccode\u003e1674e4f\u003c/code\u003e\u003c/a\u003e chore(deps): update docker/setup-buildx-action action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/8fdb9d20764d93bca3a294fe7fd615fcf8a82332\"\u003e\u003ccode\u003e8fdb9d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/189\"\u003e#189\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-3.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/a518ce8798c4eda875ca9e369388679ec67ac3ac\"\u003e\u003ccode\u003ea518ce8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/188\"\u003e#188\u003c/a\u003e from reviewdog/renovate/peter-evans-create-pull-reque...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/reviewdog/action-actionlint/compare/83e4ed25b168066ad8f62f5afbb29ebd8641d982...6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zizmorcore/zizmor-action` from 0.3.0 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zizmorcore/zizmor-action/releases\"\u003ezizmorcore/zizmor-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e1.24.0\u003c/code\u003e and \u003ccode\u003e1.24.1\u003c/code\u003e are now available via the action\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e1.24.1\u003c/code\u003e is now the default version of zizmor used by the action\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.1 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.0 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eoutput-file\u003c/code\u003e as an output when \u003ccode\u003eadvanced-security: true\u003c/code\u003e by \u003ca href=\"https://github.com/unlobito\"\u003e\u003ccode\u003e@​unlobito\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/pull/87\"\u003ezizmorcore/zizmor-action#87\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unlobito\"\u003e\u003ccode\u003e@​unlobito\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/pull/87\"\u003ezizmorcore/zizmor-action#87\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.4.1...v0.5.0\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.4.1...v0.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.4.1\u003c/h2\u003e\n\u003cp\u003eThis version fixes an error in the 0.4.0 release that prevented non-relative use\nof the action.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix version file path by \u003ca href=\"https://github.com/woodruffw\"\u003e\u003ccode\u003e@​woodruffw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/pull/83\"\u003ezizmorcore/zizmor-action#83\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.4.0\u003c/h2\u003e\n\u003cp\u003eThis new version of \u003ccode\u003ezizmor-action\u003c/code\u003e brings two major changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe new \u003ccode\u003efail-on-no-inputs\u003c/code\u003e option can be used to control whether\n\u003ccode\u003ezizmor-action\u003c/code\u003e fails if no inputs were collected by \u003ccode\u003ezizmor\u003c/code\u003e. The default\nremains \u003ccode\u003etrue\u003c/code\u003e, reflecting the pre-existing behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe action's use of the official \u003ccode\u003ezizmor\u003c/code\u003e Docker images is now fully\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003e\u003ccode\u003eb1d7e1f\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/a195b57475917ddcb70845e5ffe1c3a15dbbdedc\"\u003e\u003ccode\u003ea195b57\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/629d5d01fe5939a6aeae25c1bd1acd2cfa28e9b2\"\u003e\u003ccode\u003e629d5d0\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/453d591467e8199b1d5c6883b6ec5c22a12aac72\"\u003e\u003ccode\u003e453d591\u003c/code\u003e\u003c/a\u003e chore(deps): bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/ea2c18b942410df0b22bed3b94c361c407518d45\"\u003e\u003ccode\u003eea2c18b\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8\"\u003e\u003ccode\u003e71321a2\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/5ed31db0964a9d37608edd5b0675de2b52070662\"\u003e\u003ccode\u003e5ed31db\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/195d10ad90f31d8cd6ea1efd6ecc12969ddbe73f\"\u003e\u003ccode\u003e195d10a\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/94\"\u003e#94\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c65bc8876171b6d82748ec98b77c0193b1226b94\"\u003e\u003ccode\u003ec65bc88\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c2c887f84674f9c15123e2905d2d307675d8bc01\"\u003e\u003ccode\u003ec2c887f\u003c/code\u003e\u003c/a\u003e chore(deps): bump zizmorcore/zizmor-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/91\"\u003e#91\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/e639db99335bc9038abc0e066dfcd72e23d26fb4...b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/halostatue/mnemonist/pull/41","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/halostatue%2Fmnemonist/issues/41","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/41/packages"},{"uuid":"4363130601","node_id":"PR_kwDORF6wcM7XWw7M","number":9,"state":"closed","title":"deps: Bump the actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-13T04:19:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-01T06:16:04.000Z","updated_at":"2026-05-13T04:19:19.000Z","time_to_close":1029793,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"actions","update_count":6,"packages":[{"name":"step-security/harden-runner","old_version":"2.14.2","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"},{"name":"actions/dependency-review-action","old_version":"4.8.3","new_version":"4.9.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/cache","old_version":"5.0.3","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"reviewdog/action-actionlint","old_version":"1.71.0","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"zizmorcore/zizmor-action","old_version":"0.5.0","new_version":"0.5.3","repository_url":"https://github.com/zizmorcore/zizmor-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.2` | `2.19.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.3` | `4.9.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.20.4` | `1.24.0` |\n| [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.5` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.71.0` | `1.72.0` |\n| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.0` | `0.5.3` |\n\n\nUpdates `step-security/harden-runner` from 2.14.2 to 2.19.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/5ef0c079ce82195b2a36a210272d6b661572d83e...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.8.3 to 4.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/2031cfc080254a8a887f58cffee85186f0e49e48\"\u003e\u003ccode\u003e2031cfc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1064\"\u003e#1064\u003c/a\u003e from actions/ahpook/release-4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/d02fa39f790d6e8a4ecafab5848251ff12c20df7\"\u003e\u003ccode\u003ed02fa39\u003c/code\u003e\u003c/a\u003e Updates for release 4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/4038a34c4b30f7c11a7d45dc8dbea40e2211aa27\"\u003e\u003ccode\u003e4038a34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1021\"\u003e#1021\u003c/a\u003e from actions/dependabot/github_actions/actions/check...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a632b8386b2cc2b1b99427606b513f7632d27e91\"\u003e\u003ccode\u003ea632b83\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1058\"\u003e#1058\u003c/a\u003e from actions/dependabot/github_actions/actions/stale...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/57a3d46a7be2c2e259fa3284ffc501296337f2ac\"\u003e\u003ccode\u003e57a3d46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1060\"\u003e#1060\u003c/a\u003e from jantiebot/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/5ecdc4b5781cdabdfe233d6e58ec18eac23e275d\"\u003e\u003ccode\u003e5ecdc4b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1045\"\u003e#1045\u003c/a\u003e from forks-felickz/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e8c2f9a12c568d6f36f8d3a9935a6c71afc691f5\"\u003e\u003ccode\u003ee8c2f9a\u003c/code\u003e\u003c/a\u003e fix: remove inferrable type annotation to pass eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/0e129e113c878bfe7c1abf6c6d94b180cbf71086\"\u003e\u003ccode\u003e0e129e1\u003c/code\u003e\u003c/a\u003e Prettier  - Refactor summary table rendering for improved readability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/aa60746a920d63ce55376f67d381e15edd3a714d\"\u003e\u003ccode\u003eaa60746\u003c/code\u003e\u003c/a\u003e Add 'show-patched-versions' option to configuration and update summary handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e4047984002250b82268ac37f613ab74366e1d85\"\u003e\u003ccode\u003ee404798\u003c/code\u003e\u003c/a\u003e Merge upstream actions/dependency-review-action main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/05fe4576374b728f0c523d6a13d64c25081e0803...2031cfc080254a8a887f58cffee85186f0e49e48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 5.0.3 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/cdf6c1fa76f9f475f3d7449005a359c84ca0f306...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `reviewdog/action-actionlint` from 1.71.0 to 1.72.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/reviewdog/action-actionlint/releases\"\u003ereviewdog/action-actionlint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.72.0\u003c/h2\u003e\n\u003cp\u003ev1.72.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e - chore(deps): update actionlint to 1.7.12\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003e\u003ccode\u003e6fb7acc\u003c/code\u003e\u003c/a\u003e bump v1.72.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/b2a904a8c140063d06dc5319ba69a672d7a4909d\"\u003e\u003ccode\u003eb2a904a\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into releases/v1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/5eaffa19a1991ecc52b11eddcdd57760d1ac7e3d\"\u003e\u003ccode\u003e5eaffa1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e from reviewdog/depup/actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/39a67548aa7718c321746aa5a54a9e8034505cde\"\u003e\u003ccode\u003e39a6754\u003c/code\u003e\u003c/a\u003e chore(deps): update actionlint to 1.7.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/d39025c0fb1cc41ac827852403ea94804b0e6907\"\u003e\u003ccode\u003ed39025c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/195\"\u003e#195\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/2e8272d25ca2b89be8abc6a0b65c8c5e8a5eae05\"\u003e\u003ccode\u003e2e8272d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/194\"\u003e#194\u003c/a\u003e from reviewdog/renovate/docker-setup-qemu-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/128d9b7b1e43f8eaef5602138f5c9f80ee3c3149\"\u003e\u003ccode\u003e128d9b7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/190\"\u003e#190\u003c/a\u003e from reviewdog/renovate/shogo82148-actions-create-rel...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/1674e4f79a2bf9c94d1d301e60b8f8226eea0137\"\u003e\u003ccode\u003e1674e4f\u003c/code\u003e\u003c/a\u003e chore(deps): update docker/setup-buildx-action action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/8fdb9d20764d93bca3a294fe7fd615fcf8a82332\"\u003e\u003ccode\u003e8fdb9d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/189\"\u003e#189\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-3.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/a518ce8798c4eda875ca9e369388679ec67ac3ac\"\u003e\u003ccode\u003ea518ce8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/188\"\u003e#188\u003c/a\u003e from reviewdog/renovate/peter-evans-create-pull-reque...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/reviewdog/action-actionlint/compare/0d952c597ef8459f634d7145b0b044a9699e5e43...6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zizmorcore/zizmor-action` from 0.5.0 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zizmorcore/zizmor-action/releases\"\u003ezizmorcore/zizmor-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e1.24.0\u003c/code\u003e and \u003ccode\u003e1.24.1\u003c/code\u003e are now available via the action\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e1.24.1\u003c/code\u003e is now the default version of zizmor used by the action\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.1 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.0 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003e\u003ccode\u003eb1d7e1f\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/a195b57475917ddcb70845e5ffe1c3a15dbbdedc\"\u003e\u003ccode\u003ea195b57\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/629d5d01fe5939a6aeae25c1bd1acd2cfa28e9b2\"\u003e\u003ccode\u003e629d5d0\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/453d591467e8199b1d5c6883b6ec5c22a12aac72\"\u003e\u003ccode\u003e453d591\u003c/code\u003e\u003c/a\u003e chore(deps): bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/ea2c18b942410df0b22bed3b94c361c407518d45\"\u003e\u003ccode\u003eea2c18b\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8\"\u003e\u003ccode\u003e71321a2\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/5ed31db0964a9d37608edd5b0675de2b52070662\"\u003e\u003ccode\u003e5ed31db\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/195d10ad90f31d8cd6ea1efd6ecc12969ddbe73f\"\u003e\u003ccode\u003e195d10a\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/94\"\u003e#94\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c65bc8876171b6d82748ec98b77c0193b1226b94\"\u003e\u003ccode\u003ec65bc88\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c2c887f84674f9c15123e2905d2d307675d8bc01\"\u003e\u003ccode\u003ec2c887f\u003c/code\u003e\u003c/a\u003e chore(deps): bump zizmorcore/zizmor-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/91\"\u003e#91\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d...b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/halostatue/mdex_video_embed/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/halostatue%2Fmdex_video_embed/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4362183912","node_id":"PR_kwDOQxSRdc7XTxzJ","number":11,"state":"closed","title":"deps: Bump the actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-14T00:27:26.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-01T00:52:36.000Z","updated_at":"2026-05-14T00:27:27.000Z","time_to_close":1121690,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"actions","update_count":6,"packages":[{"name":"step-security/harden-runner","old_version":"2.14.2","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"},{"name":"actions/dependency-review-action","old_version":"4.8.3","new_version":"4.9.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/cache","old_version":"5.0.3","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"reviewdog/action-actionlint","old_version":"1.71.0","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"zizmorcore/zizmor-action","old_version":"0.5.0","new_version":"0.5.3","repository_url":"https://github.com/zizmorcore/zizmor-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.2` | `2.19.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.3` | `4.9.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.20.4` | `1.24.0` |\n| [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.5` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.71.0` | `1.72.0` |\n| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.0` | `0.5.3` |\n\n\nUpdates `step-security/harden-runner` from 2.14.2 to 2.19.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/5ef0c079ce82195b2a36a210272d6b661572d83e...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.8.3 to 4.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/2031cfc080254a8a887f58cffee85186f0e49e48\"\u003e\u003ccode\u003e2031cfc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1064\"\u003e#1064\u003c/a\u003e from actions/ahpook/release-4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/d02fa39f790d6e8a4ecafab5848251ff12c20df7\"\u003e\u003ccode\u003ed02fa39\u003c/code\u003e\u003c/a\u003e Updates for release 4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/4038a34c4b30f7c11a7d45dc8dbea40e2211aa27\"\u003e\u003ccode\u003e4038a34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1021\"\u003e#1021\u003c/a\u003e from actions/dependabot/github_actions/actions/check...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a632b8386b2cc2b1b99427606b513f7632d27e91\"\u003e\u003ccode\u003ea632b83\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1058\"\u003e#1058\u003c/a\u003e from actions/dependabot/github_actions/actions/stale...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/57a3d46a7be2c2e259fa3284ffc501296337f2ac\"\u003e\u003ccode\u003e57a3d46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1060\"\u003e#1060\u003c/a\u003e from jantiebot/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/5ecdc4b5781cdabdfe233d6e58ec18eac23e275d\"\u003e\u003ccode\u003e5ecdc4b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1045\"\u003e#1045\u003c/a\u003e from forks-felickz/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e8c2f9a12c568d6f36f8d3a9935a6c71afc691f5\"\u003e\u003ccode\u003ee8c2f9a\u003c/code\u003e\u003c/a\u003e fix: remove inferrable type annotation to pass eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/0e129e113c878bfe7c1abf6c6d94b180cbf71086\"\u003e\u003ccode\u003e0e129e1\u003c/code\u003e\u003c/a\u003e Prettier  - Refactor summary table rendering for improved readability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/aa60746a920d63ce55376f67d381e15edd3a714d\"\u003e\u003ccode\u003eaa60746\u003c/code\u003e\u003c/a\u003e Add 'show-patched-versions' option to configuration and update summary handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e4047984002250b82268ac37f613ab74366e1d85\"\u003e\u003ccode\u003ee404798\u003c/code\u003e\u003c/a\u003e Merge upstream actions/dependency-review-action main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/05fe4576374b728f0c523d6a13d64c25081e0803...2031cfc080254a8a887f58cffee85186f0e49e48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 5.0.3 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/cdf6c1fa76f9f475f3d7449005a359c84ca0f306...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `reviewdog/action-actionlint` from 1.71.0 to 1.72.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/reviewdog/action-actionlint/releases\"\u003ereviewdog/action-actionlint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.72.0\u003c/h2\u003e\n\u003cp\u003ev1.72.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e - chore(deps): update actionlint to 1.7.12\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003e\u003ccode\u003e6fb7acc\u003c/code\u003e\u003c/a\u003e bump v1.72.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/b2a904a8c140063d06dc5319ba69a672d7a4909d\"\u003e\u003ccode\u003eb2a904a\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into releases/v1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/5eaffa19a1991ecc52b11eddcdd57760d1ac7e3d\"\u003e\u003ccode\u003e5eaffa1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e from reviewdog/depup/actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/39a67548aa7718c321746aa5a54a9e8034505cde\"\u003e\u003ccode\u003e39a6754\u003c/code\u003e\u003c/a\u003e chore(deps): update actionlint to 1.7.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/d39025c0fb1cc41ac827852403ea94804b0e6907\"\u003e\u003ccode\u003ed39025c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/195\"\u003e#195\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/2e8272d25ca2b89be8abc6a0b65c8c5e8a5eae05\"\u003e\u003ccode\u003e2e8272d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/194\"\u003e#194\u003c/a\u003e from reviewdog/renovate/docker-setup-qemu-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/128d9b7b1e43f8eaef5602138f5c9f80ee3c3149\"\u003e\u003ccode\u003e128d9b7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/190\"\u003e#190\u003c/a\u003e from reviewdog/renovate/shogo82148-actions-create-rel...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/1674e4f79a2bf9c94d1d301e60b8f8226eea0137\"\u003e\u003ccode\u003e1674e4f\u003c/code\u003e\u003c/a\u003e chore(deps): update docker/setup-buildx-action action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/8fdb9d20764d93bca3a294fe7fd615fcf8a82332\"\u003e\u003ccode\u003e8fdb9d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/189\"\u003e#189\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-3.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/a518ce8798c4eda875ca9e369388679ec67ac3ac\"\u003e\u003ccode\u003ea518ce8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/188\"\u003e#188\u003c/a\u003e from reviewdog/renovate/peter-evans-create-pull-reque...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/reviewdog/action-actionlint/compare/0d952c597ef8459f634d7145b0b044a9699e5e43...6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zizmorcore/zizmor-action` from 0.5.0 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zizmorcore/zizmor-action/releases\"\u003ezizmorcore/zizmor-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e1.24.0\u003c/code\u003e and \u003ccode\u003e1.24.1\u003c/code\u003e are now available via the action\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e1.24.1\u003c/code\u003e is now the default version of zizmor used by the action\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.1 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.0 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003e\u003ccode\u003eb1d7e1f\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/a195b57475917ddcb70845e5ffe1c3a15dbbdedc\"\u003e\u003ccode\u003ea195b57\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/629d5d01fe5939a6aeae25c1bd1acd2cfa28e9b2\"\u003e\u003ccode\u003e629d5d0\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/453d591467e8199b1d5c6883b6ec5c22a12aac72\"\u003e\u003ccode\u003e453d591\u003c/code\u003e\u003c/a\u003e chore(deps): bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/ea2c18b942410df0b22bed3b94c361c407518d45\"\u003e\u003ccode\u003eea2c18b\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8\"\u003e\u003ccode\u003e71321a2\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/5ed31db0964a9d37608edd5b0675de2b52070662\"\u003e\u003ccode\u003e5ed31db\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/195d10ad90f31d8cd6ea1efd6ecc12969ddbe73f\"\u003e\u003ccode\u003e195d10a\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/94\"\u003e#94\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c65bc8876171b6d82748ec98b77c0193b1226b94\"\u003e\u003ccode\u003ec65bc88\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c2c887f84674f9c15123e2905d2d307675d8bc01\"\u003e\u003ccode\u003ec2c887f\u003c/code\u003e\u003c/a\u003e chore(deps): bump zizmorcore/zizmor-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/91\"\u003e#91\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d...b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/halostatue/pagefindex/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/halostatue%2Fpagefindex/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"4189178089","node_id":"PR_kwDODDeyRc7PWaBr","number":134,"state":"open","title":"Bump erlef/setup-beam from 1.20.4 to 1.24.0","user":"dependabot[bot]","labels":["x:size/small"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-01T18:54:50.000Z","updated_at":"2026-04-01T18:55:03.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.24.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.24.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/exercism/erlang-test-runner/pull/134","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/exercism%2Ferlang-test-runner/issues/134","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/134/packages"},{"uuid":"4117603270","node_id":"PR_kwDOOutWRM7Mi0e8","number":170,"state":"open","title":"build(deps): bump erlef/setup-beam from 1.20.4 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-23T01:14:15.000Z","updated_at":"2026-04-11T13:57:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/camatcode/aura/pull/170","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/camatcode%2Faura/issues/170","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/170/packages"},{"uuid":"4104914788","node_id":"PR_kwDOQyxBLM7MAMLk","number":4,"state":"open","title":"chore(deps): bump the actions group with 9 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-20T00:08:52.000Z","updated_at":"2026-03-20T00:08:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":9,"packages":[{"name":"actions/checkout","old_version":"4.1.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"haskell-actions/setup","old_version":"2.7.5","new_version":"2.10.3","repository_url":"https://github.com/haskell-actions/setup"},{"name":"actions/cache","old_version":"4.3.0","new_version":"5.0.4","repository_url":"https://github.com/actions/cache"},{"name":"actions/upload-pages-artifact","old_version":"3.0.1","new_version":"4.0.0","repository_url":"https://github.com/actions/upload-pages-artifact"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.17.5","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/github-script","old_version":"7.0.1","new_version":"8.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.92.5","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 9 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `6.0.2` |\n| [haskell-actions/setup](https://github.com/haskell-actions/setup) | `2.7.5` | `2.10.3` |\n| [actions/cache](https://github.com/actions/cache) | `4.3.0` | `5.0.4` |\n| [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `3.0.1` | `4.0.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` | `1.23.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.5` | `3.93.8` |\n\nUpdates `actions/checkout` from 4.1.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.1.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haskell-actions/setup` from 2.7.5 to 2.10.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haskell-actions/setup/releases\"\u003ehaskell-actions/setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.10.3\u003c/h2\u003e\n\u003cp\u003eAdd Stack 3.9.1\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Stack 3.9.1 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/138\"\u003ehaskell-actions/setup#138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.2\u003c/h2\u003e\n\u003cp\u003eRemove GHCup vanilla channel from defaults\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove GHCup vanilla channel from defaults by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/137\"\u003ehaskell-actions/setup#137\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.1\u003c/h2\u003e\n\u003cp\u003eMove all ghcup-add-channel commands into same group\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove broken GHC 9.12.3 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/133\"\u003ehaskell-actions/setup#133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.0...v2.10.1\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.0...v2.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.0\u003c/h2\u003e\n\u003cp\u003eUse GHCup vanilla and prereleases channels by default\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/128\"\u003ehaskell-actions/setup#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/haskell-actions/setup/issues/130\"\u003e#130\u003c/a\u003e: support GHCup on 32bit architecture by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/131\"\u003ehaskell-actions/setup#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/132\"\u003ehaskell-actions/setup#132\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.9.0...v2.10.0\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.9.0...v2.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/f9150cb1d140e9a9271700670baa38991e6fa25c\"\u003e\u003ccode\u003ef9150cb\u003c/code\u003e\u003c/a\u003e Add Stack 3.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/dc63c94789664bb2910876ec3dfeeaa24d23b96b\"\u003e\u003ccode\u003edc63c94\u003c/code\u003e\u003c/a\u003e Remove GHCup vanilla channel from defaults\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/7786314267139caaaf743fbdb70341b116a8d25d\"\u003e\u003ccode\u003e7786314\u003c/code\u003e\u003c/a\u003e await addGhcupReleaseChannel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/57571745c639e06be44b0a6a5874b874eb8ba392\"\u003e\u003ccode\u003e5757174\u003c/code\u003e\u003c/a\u003e Move all ghcup-add-channel commands into same group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/ca45ec3f5855d88df81d141f6bbe87cf96aa7ede\"\u003e\u003ccode\u003eca45ec3\u003c/code\u003e\u003c/a\u003e Remove broken GHC 9.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/eb29c237a18b47554a426cb75d69844f689dc049\"\u003e\u003ccode\u003eeb29c23\u003c/code\u003e\u003c/a\u003e Use GHCup vanilla and prereleases channels by default\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/243ff44acce6b550747dcb4b9fa8a960b76e3fb0\"\u003e\u003ccode\u003e243ff44\u003c/code\u003e\u003c/a\u003e Add GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/0512451d82f3ca8c147db62e30464e7c4ca63d30\"\u003e\u003ccode\u003e0512451\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/haskell-actions/setup/issues/130\"\u003e#130\u003c/a\u003e: support GHCup on 32bit architecture (\u003ca href=\"https://redirect.github.com/haskell-actions/setup/issues/131\"\u003e#131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/45e56529521e0883281fb118e14ccc2553c7938c\"\u003e\u003ccode\u003e45e5652\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5 to 6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/0a703b53e0ecfe04a312712af19699c3d8a17c7a\"\u003e\u003ccode\u003e0a703b5\u003c/code\u003e\u003c/a\u003e Test: drop macos-13 (deprecated, does not support node 24)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haskell-actions/setup/compare/ec49483bfc012387b227434aba94f59a6ecd0900...f9150cb1d140e9a9271700670baa38991e6fa25c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 4.3.0 to 5.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.3\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev.5.0.2\u003c/h2\u003e\n\u003ch1\u003ev5.0.2\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eWhen creating cache entries, 429s returned from the cache service will not be retried.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cstrong\u003e\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eIf you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch1\u003ev5.0.1\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/cache\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003eactions/cache#1685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v5.0.1 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1686\"\u003eactions/cache#1686\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev5.0.0\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/b7e8d49f17405cc70c1c120101943203c98d3a4b\"\u003e\u003ccode\u003eb7e8d49\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1701\"\u003e#1701\u003c/a\u003e from actions/Link-/fix-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/984a21b1cb176a0936f4edafb42be88978f93ef1\"\u003e\u003ccode\u003e984a21b\u003c/code\u003e\u003c/a\u003e Add traffic sanity check step\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/acf2f1f76affe1ef80eee8e56dfddd3b3e5f0fba\"\u003e\u003ccode\u003eacf2f1f\u003c/code\u003e\u003c/a\u003e Fix resolution\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/95a07c51324af6001b4d6ab8dff29f4dfadc2531\"\u003e\u003ccode\u003e95a07c5\u003c/code\u003e\u003c/a\u003e Add wait for proxy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-pages-artifact` from 3.0.1 to 4.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-pages-artifact/releases\"\u003eactions/upload-pages-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePotentially breaking change: hidden files (specifically dotfiles) will not be included in the artifact by \u003ca href=\"https://github.com/tsusdere\"\u003e\u003ccode\u003e@​tsusdere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/102\"\u003eactions/upload-pages-artifact#102\u003c/a\u003e\nIf you need to include dotfiles in your artifact: instead of using this action, create your own artifact according to these requirements \u003ca href=\"https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\"\u003ehttps://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA by \u003ca href=\"https://github.com/heavymachinery\"\u003e\u003ccode\u003e@​heavymachinery\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/127\"\u003eactions/upload-pages-artifact#127\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\"\u003ehttps://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/7b1f4a764d45c48632c6b24a0339c27f5614fb0b\"\u003e\u003ccode\u003e7b1f4a7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/127\"\u003e#127\u003c/a\u003e from heavymachinery/pin-sha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/4cc19c7d3f3e6c87c68366501382a03c8b1ba6db\"\u003e\u003ccode\u003e4cc19c7\u003c/code\u003e\u003c/a\u003e Pin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/2d163be3ddce01512f3eea7ac5b7023b5d643ce1\"\u003e\u003ccode\u003e2d163be\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/107\"\u003e#107\u003c/a\u003e from KittyChiu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/c70484322b1c476728dcd37fac23c4dea2a0c51a\"\u003e\u003ccode\u003ec704843\u003c/code\u003e\u003c/a\u003e fix: linted README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/9605915f1d2fc79418cdce4d5fbe80511c457655\"\u003e\u003ccode\u003e9605915\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/106\"\u003e#106\u003c/a\u003e from KittyChiu/kittychiu/update-readme-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/e59cdfe6d6b061aab8f0619e759cded914f3ab03\"\u003e\u003ccode\u003ee59cdfe\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/a2d67043267d885050434d297d3dd3a3a14fd899\"\u003e\u003ccode\u003ea2d6704\u003c/code\u003e\u003c/a\u003e doc: updated usage section in readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/984864e7b70fb5cb764344dc9c4b5c087662ef50\"\u003e\u003ccode\u003e984864e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/105\"\u003e#105\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/45dc78884ca148c05eddcd8ac0a804d3365e9014\"\u003e\u003ccode\u003e45dc788\u003c/code\u003e\u003c/a\u003e Add workflow file for publishing releases to immutable action package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/efaad07812d4b9ad2e8667cd46426fdfb7c22e22\"\u003e\u003ccode\u003eefaad07\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/102\"\u003e#102\u003c/a\u003e from actions/hidden-files\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/56afc609e74202658d3ffba0e8f6dda462b719fa...7b1f4a764d45c48632c6b24a0339c27f5614fb0b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.31.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v3.27.0...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.17.5 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/docmatrix/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fdocmatrix/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4099501802","node_id":"PR_kwDOQmhcK87LwSF5","number":15,"state":"open","title":"chore(deps): bump the actions group with 3 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-19T05:55:34.000Z","updated_at":"2026-03-26T08:00:23.119Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":3,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action) and [erlef/setup-beam](https://github.com/erlef/setup-beam).\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/checky-monkey/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fchecky-monkey/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4099216472","node_id":"PR_kwDOQmhcv87LveqM","number":15,"state":"open","title":"chore(deps): Bump the actions group with 3 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-19T04:25:52.000Z","updated_at":"2026-03-19T04:25:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"actions","update_count":3,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action) and [erlef/setup-beam](https://github.com/erlef/setup-beam).\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/supernorma/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fsupernorma/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4097805601","node_id":"PR_kwDORjyzWc7Lq-dm","number":2,"state":"open","title":"chore(deps): bump the actions group with 11 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T21:28:00.000Z","updated_at":"2026-03-23T02:08:29.718Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":11,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"julia-actions/julia-buildpkg","old_version":"1.6.0","new_version":"1.7.0","repository_url":"https://github.com/julia-actions/julia-buildpkg"},{"name":"codecov/codecov-action","old_version":"5.5.2","new_version":"5.5.3","repository_url":"https://github.com/codecov/codecov-action"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.17.5","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/github-script","old_version":"7.0.1","new_version":"8.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.92.5","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"},{"name":"actions/download-artifact","old_version":"4.3.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"softprops/action-gh-release","old_version":"2.2.2","new_version":"2.6.1","repository_url":"https://github.com/softprops/action-gh-release"},{"name":"ossf/scorecard-action","old_version":"2.4.0","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 11 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [julia-actions/julia-buildpkg](https://github.com/julia-actions/julia-buildpkg) | `1.6.0` | `1.7.0` |\n| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `5.5.3` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` | `1.23.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.5` | `3.93.8` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` |\n| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.2.2` | `2.6.1` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` |\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `julia-actions/julia-buildpkg` from 1.6.0 to 1.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/julia-actions/julia-buildpkg/releases\"\u003ejulia-actions/julia-buildpkg's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link trailing dot by \u003ca href=\"https://github.com/inkydragon\"\u003e\u003ccode\u003e@​inkydragon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/51\"\u003ejulia-actions/julia-buildpkg#51\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInstall the default registries for version \u0026gt; 1.8 by \u003ca href=\"https://github.com/ven-k\"\u003e\u003ccode\u003e@​ven-k\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/55\"\u003ejulia-actions/julia-buildpkg#55\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther stuff\u003c/h2\u003e\n\u003ch4\u003eDependency changes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump actions/cache from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/50\"\u003ejulia-actions/julia-buildpkg#50\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump julia-actions/setup-julia from 1 to 2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/53\"\u003ejulia-actions/julia-buildpkg#53\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFull Changelog\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/julia-actions/julia-buildpkg/compare/v1...v1.7.0\"\u003ehttps://github.com/julia-actions/julia-buildpkg/compare/v1...v1.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inkydragon\"\u003e\u003ccode\u003e@​inkydragon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/51\"\u003ejulia-actions/julia-buildpkg#51\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ven-k\"\u003e\u003ccode\u003e@​ven-k\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/55\"\u003ejulia-actions/julia-buildpkg#55\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/e3eb439fad4f9aba7da2667e7510e4a46ebc46e1\"\u003e\u003ccode\u003ee3eb439\u003c/code\u003e\u003c/a\u003e fix: install the default registries for version \u0026gt; 1.8 (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/55\"\u003e#55\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/d36834d83404fe14f893b16651c4b9bbd41f5122\"\u003e\u003ccode\u003ed36834d\u003c/code\u003e\u003c/a\u003e Bump julia-actions/setup-julia from 1 to 2 (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/53\"\u003e#53\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/98b1bc26398ab2bbad8356832f82ecb672bdac99\"\u003e\u003ccode\u003e98b1bc2\u003c/code\u003e\u003c/a\u003e Remove link trailing dot (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/51\"\u003e#51\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/cec9c38577547b8b499108bf9ce5ec617e547857\"\u003e\u003ccode\u003ecec9c38\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 3 to 4 (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/50\"\u003e#50\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/julia-actions/julia-buildpkg/compare/90dd6f23eb49626e4e6612cb9d64d456f86e6a1c...e3eb439fad4f9aba7da2667e7510e4a46ebc46e1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `codecov/codecov-action` from 5.5.2 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump actions/github-script from 7.0.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1874\"\u003ecodecov/codecov-action#1874\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): bump to 5.5.3 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1922\"\u003ecodecov/codecov-action#1922\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003e\u003ccode\u003e1af5884\u003c/code\u003e\u003c/a\u003e chore(release): bump to 5.5.3 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1922\"\u003e#1922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/c143300dea6c9a730986ff862c5bf4d458927ef8\"\u003e\u003ccode\u003ec143300\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1874\"\u003e#1874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/671740ac38dd9b0130fbe1cec585b89eea48d3de...1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.31.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v3.27.0...v4.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.17.5 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 7.0.1 to 8.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version support to 24.x by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME for updating actions/github-script from v7 to v8 by \u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7.1.0...v8.0.0\"\u003ehttps://github.com/actions/github-script/compare/v7.1.0...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade husky to v9 by \u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade IA Publish by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/486\"\u003eactions/github-script#486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow status badges by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/497\"\u003eactions/github-script#497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate usage of \u003ccode\u003eactions/upload-artifact\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/512\"\u003eactions/github-script#512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear up package name confusion by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/514\"\u003eactions/github-script#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies with \u003ccode\u003enpm audit fix\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/515\"\u003eactions/github-script#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpecify that the used script is JavaScript by \u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for NPM and Actions by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/472\"\u003eactions/github-script#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefine \u003ccode\u003epermissions\u003c/code\u003e in workflows and update actions by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/531\"\u003eactions/github-script#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for .github/actions/install-dependencies by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/532\"\u003eactions/github-script#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove .vscode settings by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/533\"\u003eactions/github-script#533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use github/setup-licensed by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/473\"\u003eactions/github-script#473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by \u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eoctokit\u003c/code\u003e README updates for v7 by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/557\"\u003eactions/github-script#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add \u0026quot;exec\u0026quot; usage examples by \u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.213.0 to 1.222.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/563\"\u003eactions/github-script#563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.222.0 to 1.229.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/575\"\u003eactions/github-script#575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClearly document passing inputs to the \u003ccode\u003escript\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/603\"\u003eactions/github-script#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7...v7.1.0\"\u003ehttps://github.com/actions/github-script/compare/v7...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003e\u003ccode\u003eed59741\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/653\"\u003e#653\u003c/a\u003e from actions/sneha-krip/readme-for-v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3\"\u003e\u003ccode\u003e2dc352e\u003c/code\u003e\u003c/a\u003e Bold minimum Actions Runner version in README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1\"\u003e\u003ccode\u003e01e118c\u003c/code\u003e\u003c/a\u003e Update README for Node 24 runtime requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b\"\u003e\u003ccode\u003e8b222ac\u003c/code\u003e\u003c/a\u003e Apply suggestion from \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25\"\u003e\u003ccode\u003eadc0eea\u003c/code\u003e\u003c/a\u003e README for updating actions/github-script from v7 to v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425\"\u003e\u003ccode\u003e20fe497\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/637\"\u003e#637\u003c/a\u003e from actions/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164\"\u003e\u003ccode\u003ee7b7f22\u003c/code\u003e\u003c/a\u003e update licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b\"\u003e\u003ccode\u003e2c81ba0\u003c/code\u003e\u003c/a\u003e Update Node.js version support to 24.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b\"\u003e\u003ccode\u003ef28e40c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/610\"\u003e#610\u003c/a\u003e from actions/nebuk89-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3\"\u003e\u003ccode\u003e1ae9958\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `trufflesecurity/trufflehog` from 3.92.5 to 3.93.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trufflesecurity/trufflehog/releases\"\u003etrufflesecurity/trufflehog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.93.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: make LDAP verification context-aware by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4768\"\u003etrufflesecurity/trufflehog#4768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop growing filesystem resume data by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4797\"\u003etrufflesecurity/trufflehog#4797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[INS-331] Fix the issue causing the tests file system soruce tests to fail on windows by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4743\"\u003etrufflesecurity/trufflehog#4743\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThread original chunk data through engine pipeline by \u003ca href=\"https://github.com/dustin-decker\"\u003e\u003ccode\u003e@​dustin-decker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4780\"\u003etrufflesecurity/trufflehog#4780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded detector for JFrog Artifactory Reference Tokens by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4684\"\u003etrufflesecurity/trufflehog#4684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix JDBC detector regex truncating trailing non-alphanumeric password characters by \u003ca href=\"https://github.com/amanfcp\"\u003e\u003ccode\u003e@​amanfcp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4755\"\u003etrufflesecurity/trufflehog#4755\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH_TOKEN needed for gh by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4772\"\u003etrufflesecurity/trufflehog#4772\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove verify flag into \u003ccode\u003edetectableChunk\u003c/code\u003e by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4558\"\u003etrufflesecurity/trufflehog#4558\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workspace_id to Slack Continuous metadata by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4749\"\u003etrufflesecurity/trufflehog#4749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(release): Disable docker provenance feature by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4752\"\u003etrufflesecurity/trufflehog#4752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBase64 decoding depth assessment by \u003ca href=\"https://github.com/dxa4481\"\u003e\u003ccode\u003e@​dxa4481\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4744\"\u003etrufflesecurity/trufflehog#4744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-246] Add Google Gemini API key detector by \u003ca href=\"https://github.com/mustansir14\"\u003e\u003ccode\u003e@​mustansir14\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4649\"\u003etrufflesecurity/trufflehog#4649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor log package by \u003ca href=\"https://github.com/mcastorina\"\u003e\u003ccode\u003e@​mcastorina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4734\"\u003etrufflesecurity/trufflehog#4734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-309]updated google api version to v0.259.0 by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4736\"\u003etrufflesecurity/trufflehog#4736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ftp): set read deadline on connection to prevent indefinite hang by \u003ca href=\"https://github.com/dylanTruffle\"\u003e\u003ccode\u003e@​dylanTruffle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4759\"\u003etrufflesecurity/trufflehog#4759\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadded rotation on 403s access_refused, this detector considered them indeterminate failures by \u003ca href=\"https://github.com/jordanTunstill\"\u003e\u003ccode\u003e@​jordanTunstill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4740\"\u003etrufflesecurity/trufflehog#4740\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-283] Support following symlinks in filesystem source by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4742\"\u003etrufflesecurity/trufflehog#4742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos in comments in json-enumerator source by \u003ca href=\"https://github.com/bradlarsen\"\u003e\u003ccode\u003e@​bradlarsen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4764\"\u003etrufflesecurity/trufflehog#4764\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix race condition in release process by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4766\"\u003etrufflesecurity/trufflehog#4766\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.4...v3.93.5\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.4...v3.93.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a new NDJSON / JSONL input source by \u003ca href=\"https://github.com/bradlarsen\"\u003e\u003ccode\u003e@​bradlarsen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4721\"\u003etrufflesecurity/trufflehog#4721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in CODEOWNERS for pkg/analyzer by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4748\"\u003etrufflesecurity/trufflehog#4748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePre-allocate anthropic analyzer bindings slice capacity with zero length by \u003ca href=\"https://github.com/kashifkhan0771\"\u003e\u003ccode\u003e@​kashifkhan0771\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4746\"\u003etrufflesecurity/trufflehog#4746\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMade indeterminate error for JWT detector determinate by \u003ca href=\"https://github.com/jordanTunstill\"\u003e\u003ccode\u003e@​jordanTunstill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4745\"\u003etrufflesecurity/trufflehog#4745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimize the regex pattern in the artifactory access token detector by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4685\"\u003etrufflesecurity/trufflehog#4685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003e\u003ccode\u003e6c05c4a\u003c/code\u003e\u003c/a\u003e Stop growing filesystem resume data (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4797\"\u003e#4797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/ef63d66d58bb7317d9b220b02af5beae569835ee\"\u003e\u003ccode\u003eef63d66\u003c/code\u003e\u003c/a\u003e fix: make LDAP verification context-aware (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4768\"\u003e#4768\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/c3e599b7163e8198a55467f3133db0e7b2a492cb\"\u003e\u003ccode\u003ec3e599b\u003c/code\u003e\u003c/a\u003e fix JDBC detector regex truncating trailing non-alphanumeric password charact...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/71c48afda84ff44a58a04bf76e0520398ac21778\"\u003e\u003ccode\u003e71c48af\u003c/code\u003e\u003c/a\u003e Added detector for JFrog Artifactory Reference Tokens (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4684\"\u003e#4684\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/648aca62d5437454d477426fb20c29f402c06a4e\"\u003e\u003ccode\u003e648aca6\u003c/code\u003e\u003c/a\u003e Thread original chunk data through engine pipeline (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4780\"\u003e#4780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/8df943f8298b6d3e45e6f01cc8f404efff8c109d\"\u003e\u003ccode\u003e8df943f\u003c/code\u003e\u003c/a\u003e [INS-331] Fix the issue causing the tests file system soruce tests to fail on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/041f07e9df901a1038a528e5525b0226d04dd5ea\"\u003e\u003ccode\u003e041f07e\u003c/code\u003e\u003c/a\u003e Move verify flag into \u003ccode\u003edetectableChunk\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4558\"\u003e#4558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/e9766030579a154b66f27fcaf0ca92e5a61426cf\"\u003e\u003ccode\u003ee976603\u003c/code\u003e\u003c/a\u003e GH_TOKEN needed for gh (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4772\"\u003e#4772\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/7cdc7ef878439f74842c00422c65ab864ed83125\"\u003e\u003ccode\u003e7cdc7ef\u003c/code\u003e\u003c/a\u003e Fix race condition in release process (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4766\"\u003e#4766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/4f1d07f7c3bbc209ce0608d6b611e8a6031cc778\"\u003e\u003ccode\u003e4f1d07f\u003c/code\u003e\u003c/a\u003e Fix typos in comments in json-enumerator source (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4764\"\u003e#4764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.92.5...6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/download-artifact` from 4.3.0 to 8.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for CJK characters in the artifact name by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/471\"\u003eactions/download-artifact#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a regression test for artifact name + content-type mismatches by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/472\"\u003eactions/download-artifact#472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v8...v8.0.1\"\u003ehttps://github.com/actions/download-artifact/compare/v8...v8.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003ev8 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/download-artifact@v8 has been migrated to an ESM module. This should be transparent to the caller but forks might need to make significant changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nHash mismatches will now error by default. Users can override this behavior with a setting change (see below).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eDirect downloads\u003c/h3\u003e\n\u003cp\u003eTo support direct uploads in \u003ccode\u003eactions/upload-artifact\u003c/code\u003e, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the \u003ccode\u003eContent-Type\u003c/code\u003e header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new \u003ccode\u003eskip-decompress\u003c/code\u003e parameter to \u003ccode\u003etrue\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eEnforced checks (breaking)\u003c/h3\u003e\n\u003cp\u003eA previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the \u003ccode\u003edigest-mismatch\u003c/code\u003e parameter. To be secure by default, we are now defaulting the behavior to \u003ccode\u003eerror\u003c/code\u003e which will fail the w...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/Causals.jl/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2FCausals.jl/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4097779125","node_id":"PR_kwDORjyz_M7Lq5Gh","number":2,"state":"open","title":"chore(deps): bump the actions group with 9 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T21:21:05.000Z","updated_at":"2026-03-25T23:25:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":9,"packages":[{"name":"actions/checkout","old_version":"4.1.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.31.10","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.17.5","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/github-script","old_version":"7.0.1","new_version":"8.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.92.5","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"},{"name":"julia-actions/cache","old_version":"e8472695fb3c2028b1118dc399c8440ff497d409","new_version":"b56ac815fc0bb3999501ca86291fa3d875c622ee","repository_url":"https://github.com/julia-actions/cache"},{"name":"actions/download-artifact","old_version":"4.3.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"softprops/action-gh-release","old_version":"2.2.2","new_version":"2.6.1","repository_url":"https://github.com/softprops/action-gh-release"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 9 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `6.0.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.31.10` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` | `1.23.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.5` | `3.93.8` |\n| [julia-actions/cache](https://github.com/julia-actions/cache) | `e8472695fb3c2028b1118dc399c8440ff497d409` | `b56ac815fc0bb3999501ca86291fa3d875c622ee` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` |\n| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.2.2` | `2.6.1` |\n\nUpdates `actions/checkout` from 4.1.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.1.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.31.10 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.31.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v4.31.10...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.17.5 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 7.0.1 to 8.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version support to 24.x by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME for updating actions/github-script from v7 to v8 by \u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7.1.0...v8.0.0\"\u003ehttps://github.com/actions/github-script/compare/v7.1.0...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade husky to v9 by \u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade IA Publish by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/486\"\u003eactions/github-script#486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow status badges by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/497\"\u003eactions/github-script#497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate usage of \u003ccode\u003eactions/upload-artifact\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/512\"\u003eactions/github-script#512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear up package name confusion by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/514\"\u003eactions/github-script#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies with \u003ccode\u003enpm audit fix\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/515\"\u003eactions/github-script#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpecify that the used script is JavaScript by \u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for NPM and Actions by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/472\"\u003eactions/github-script#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefine \u003ccode\u003epermissions\u003c/code\u003e in workflows and update actions by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/531\"\u003eactions/github-script#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for .github/actions/install-dependencies by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/532\"\u003eactions/github-script#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove .vscode settings by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/533\"\u003eactions/github-script#533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use github/setup-licensed by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/473\"\u003eactions/github-script#473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by \u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eoctokit\u003c/code\u003e README updates for v7 by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/557\"\u003eactions/github-script#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add \u0026quot;exec\u0026quot; usage examples by \u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.213.0 to 1.222.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/563\"\u003eactions/github-script#563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.222.0 to 1.229.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/575\"\u003eactions/github-script#575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClearly document passing inputs to the \u003ccode\u003escript\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/603\"\u003eactions/github-script#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7...v7.1.0\"\u003ehttps://github.com/actions/github-script/compare/v7...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003e\u003ccode\u003eed59741\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/653\"\u003e#653\u003c/a\u003e from actions/sneha-krip/readme-for-v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3\"\u003e\u003ccode\u003e2dc352e\u003c/code\u003e\u003c/a\u003e Bold minimum Actions Runner version in README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1\"\u003e\u003ccode\u003e01e118c\u003c/code\u003e\u003c/a\u003e Update README for Node 24 runtime requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b\"\u003e\u003ccode\u003e8b222ac\u003c/code\u003e\u003c/a\u003e Apply suggestion from \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25\"\u003e\u003ccode\u003eadc0eea\u003c/code\u003e\u003c/a\u003e README for updating actions/github-script from v7 to v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425\"\u003e\u003ccode\u003e20fe497\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/637\"\u003e#637\u003c/a\u003e from actions/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164\"\u003e\u003ccode\u003ee7b7f22\u003c/code\u003e\u003c/a\u003e update licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b\"\u003e\u003ccode\u003e2c81ba0\u003c/code\u003e\u003c/a\u003e Update Node.js version support to 24.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b\"\u003e\u003ccode\u003ef28e40c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/610\"\u003e#610\u003c/a\u003e from actions/nebuk89-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3\"\u003e\u003ccode\u003e1ae9958\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `trufflesecurity/trufflehog` from 3.92.5 to 3.93.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trufflesecurity/trufflehog/releases\"\u003etrufflesecurity/trufflehog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.93.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: make LDAP verification context-aware by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4768\"\u003etrufflesecurity/trufflehog#4768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop growing filesystem resume data by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4797\"\u003etrufflesecurity/trufflehog#4797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[INS-331] Fix the issue causing the tests file system soruce tests to fail on windows by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4743\"\u003etrufflesecurity/trufflehog#4743\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThread original chunk data through engine pipeline by \u003ca href=\"https://github.com/dustin-decker\"\u003e\u003ccode\u003e@​dustin-decker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4780\"\u003etrufflesecurity/trufflehog#4780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded detector for JFrog Artifactory Reference Tokens by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4684\"\u003etrufflesecurity/trufflehog#4684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix JDBC detector regex truncating trailing non-alphanumeric password characters by \u003ca href=\"https://github.com/amanfcp\"\u003e\u003ccode\u003e@​amanfcp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4755\"\u003etrufflesecurity/trufflehog#4755\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH_TOKEN needed for gh by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4772\"\u003etrufflesecurity/trufflehog#4772\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove verify flag into \u003ccode\u003edetectableChunk\u003c/code\u003e by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4558\"\u003etrufflesecurity/trufflehog#4558\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workspace_id to Slack Continuous metadata by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4749\"\u003etrufflesecurity/trufflehog#4749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(release): Disable docker provenance feature by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4752\"\u003etrufflesecurity/trufflehog#4752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBase64 decoding depth assessment by \u003ca href=\"https://github.com/dxa4481\"\u003e\u003ccode\u003e@​dxa4481\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4744\"\u003etrufflesecurity/trufflehog#4744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-246] Add Google Gemini API key detector by \u003ca href=\"https://github.com/mustansir14\"\u003e\u003ccode\u003e@​mustansir14\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4649\"\u003etrufflesecurity/trufflehog#4649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor log package by \u003ca href=\"https://github.com/mcastorina\"\u003e\u003ccode\u003e@​mcastorina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4734\"\u003etrufflesecurity/trufflehog#4734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-309]updated google api version to v0.259.0 by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4736\"\u003etrufflesecurity/trufflehog#4736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ftp): set read deadline on connection to prevent indefinite hang by \u003ca href=\"https://github.com/dylanTruffle\"\u003e\u003ccode\u003e@​dylanTruffle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4759\"\u003etrufflesecurity/trufflehog#4759\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadded rotation on 403s access_refused, this detector considered them indeterminate failures by \u003ca href=\"https://github.com/jordanTunstill\"\u003e\u003ccode\u003e@​jordanTunstill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4740\"\u003etrufflesecurity/trufflehog#4740\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-283] Support following symlinks in filesystem source by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4742\"\u003etrufflesecurity/trufflehog#4742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos in comments in json-enumerator source by \u003ca href=\"https://github.com/bradlarsen\"\u003e\u003ccode\u003e@​bradlarsen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4764\"\u003etrufflesecurity/trufflehog#4764\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix race condition in release process by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4766\"\u003etrufflesecurity/trufflehog#4766\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.4...v3.93.5\"\u003ehttps:/...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/Exnovation.jl/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2FExnovation.jl/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4097426138","node_id":"PR_kwDOQiHbVM7LpvSC","number":27,"state":"open","title":"chore(deps): bump the actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T20:02:34.000Z","updated_at":"2026-04-01T12:23:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":6,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"Swatinem/rust-cache","old_version":"2.8.2","new_version":"2.9.1","repository_url":"https://github.com/swatinem/rust-cache"},{"name":"codecov/codecov-action","old_version":"5.5.2","new_version":"5.5.3","repository_url":"https://github.com/codecov/codecov-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.22.0` | `1.23.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) | `2.8.2` | `2.9.1` |\n| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `5.5.3` |\n\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `Swatinem/rust-cache` from 2.8.2 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swatinem/rust-cache/releases\"\u003eSwatinem/rust-cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.1\u003c/h2\u003e\n\u003cp\u003eFix regression in hash calculation\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Swatinem/rust-cache/compare/v2.9.0...v2.9.1\"\u003ehttps://github.com/Swatinem/rust-cache/compare/v2.9.0...v2.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.9.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for running rust-cache commands from within a Nix shell by \u003ca href=\"https://github.com/marc0246\"\u003e\u003ccode\u003e@​marc0246\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/290\"\u003eSwatinem/rust-cache#290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump taiki-e/install-action from 2.62.57 to 2.62.60 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/291\"\u003eSwatinem/rust-cache#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the actions group across 1 directory with 5 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/296\"\u003eSwatinem/rust-cache#296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the prd-major group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/294\"\u003eSwatinem/rust-cache#294\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.1 to 25.0.2 in the dev-major group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/295\"\u003eSwatinem/rust-cache#295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsider all installed toolchains in cache key by \u003ca href=\"https://github.com/tamird\"\u003e\u003ccode\u003e@​tamird\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/293\"\u003eSwatinem/rust-cache#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCompare case-insenitively for full cache key match by \u003ca href=\"https://github.com/kbriggs\"\u003e\u003ccode\u003e@​kbriggs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/303\"\u003eSwatinem/rust-cache#303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate to \u003ccode\u003enode24\u003c/code\u003e runner by \u003ca href=\"https://github.com/rhysd\"\u003e\u003ccode\u003e@​rhysd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/314\"\u003eSwatinem/rust-cache#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the actions group across 1 directory with 7 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/312\"\u003eSwatinem/rust-cache#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the prd-minor group across 1 directory with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/307\"\u003eSwatinem/rust-cache#307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.2 to 25.2.2 in the dev-minor group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/309\"\u003eSwatinem/rust-cache#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marc0246\"\u003e\u003ccode\u003e@​marc0246\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/290\"\u003eSwatinem/rust-cache#290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tamird\"\u003e\u003ccode\u003e@​tamird\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/293\"\u003eSwatinem/rust-cache#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kbriggs\"\u003e\u003ccode\u003e@​kbriggs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/303\"\u003eSwatinem/rust-cache#303\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Swatinem/rust-cache/compare/v2.8.2...v2.9.0\"\u003ehttps://github.com/Swatinem/rust-cache/compare/v2.8.2...v2.9.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md\"\u003eSwatinem/rust-cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e2.9.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression in hash calculation\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ccode\u003enode24\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSupport running from within a \u003ccode\u003enix\u003c/code\u003e shell\u003c/li\u003e\n\u003cli\u003eConsider all installed toolchains for cache key\u003c/li\u003e\n\u003cli\u003eUse case-insensitive comparison to determine exact cache hit\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDon't overwrite env for cargo-metadata call\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSet empty \u003ccode\u003eCARGO_ENCODED_RUSTFLAGS\u003c/code\u003e when retrieving metadata\u003c/li\u003e\n\u003cli\u003eVarious dependency updates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003ewarpbuild\u003c/code\u003e cache provider\u003c/li\u003e\n\u003cli\u003eAdd new \u003ccode\u003ecache-workspace-crates\u003c/code\u003e feature\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude CPU arch in the cache key\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAlso cache \u003ccode\u003ecargo install\u003c/code\u003e metadata\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAllow opting out of caching $CARGO_HOME/bin\u003c/li\u003e\n\u003cli\u003eAdd runner OS in cache key\u003c/li\u003e\n\u003cli\u003eAdds an option to do lookup-only of the cache\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Cargo.lock format cargo-lock v4\u003c/li\u003e\n\u003cli\u003eOnly run macOsWorkaround() on macOS\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWork around upstream problem that causes cache saving to hang for minutes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/c19371144df3bb44fab255c43d04cbc2ab54d1c4\"\u003e\u003ccode\u003ec193711\u003c/code\u003e\u003c/a\u003e 2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/781e8d91ab29deb65464798965e49853f963b561\"\u003e\u003ccode\u003e781e8d9\u003c/code\u003e\u003c/a\u003e try reverting pipeline change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/3d1fa4654a5786f5537b1d31acd0f35e56de9924\"\u003e\u003ccode\u003e3d1fa46\u003c/code\u003e\u003c/a\u003e add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/c676846f29d98ff6b0106d3608c7ffd4048af17b\"\u003e\u003ccode\u003ec676846\u003c/code\u003e\u003c/a\u003e 2.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/bf71d02c11df9d5253618f39943e9dd59f7fd5a9\"\u003e\u003ccode\u003ebf71d02\u003c/code\u003e\u003c/a\u003e bump dependencies and rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/8a02ed5e290d8afc7e587930243f3016b3223f50\"\u003e\u003ccode\u003e8a02ed5\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.2 to 25.2.2 in the dev-minor group (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/390157d4874246aff722dd7f77e641fcae197678\"\u003e\u003ccode\u003e390157d\u003c/code\u003e\u003c/a\u003e Bump the prd-minor group across 1 directory with 2 updates (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/68500c182e89a3f56d9b1de095d7e62f0ea5b8bf\"\u003e\u003ccode\u003e68500c1\u003c/code\u003e\u003c/a\u003e Bump the actions group across 1 directory with 7 updates (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/1a8384176d7ed15c323a201c65073983cdb5a5be\"\u003e\u003ccode\u003e1a83841\u003c/code\u003e\u003c/a\u003e Migrate to \u003ccode\u003enode24\u003c/code\u003e runner (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/11da8522bc3856a8fbc565f1d1530989c793d67d\"\u003e\u003ccode\u003e11da852\u003c/code\u003e\u003c/a\u003e Compare case-insenitively for full cache key match (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/303\"\u003e#303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swatinem/rust-cache/compare/779680da715d629ac1d338a641029a2f4372abb5...c19371144df3bb44fab255c43d04cbc2ab54d1c4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `codecov/codecov-action` from 5.5.2 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump actions/github-script from 7.0.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1874\"\u003ecodecov/codecov-action#1874\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): bump to 5.5.3 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1922\"\u003ecodecov/codecov-action#1922\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003e\u003ccode\u003e1af5884\u003c/code\u003e\u003c/a\u003e chore(release): bump to 5.5.3 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1922\"\u003e#1922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/c143300dea6c9a730986ff862c5bf4d458927ef8\"\u003e\u003ccode\u003ec143300\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1874\"\u003e#1874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/671740ac38dd9b0130fbe1cec585b89eea48d3de...1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/neurophone/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fneurophone/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"},{"uuid":"4092025472","node_id":"PR_kwDOQhmAJs7LY6Qj","number":17,"state":"open","title":"chore(deps): bump the actions group with 5 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T00:56:25.000Z","updated_at":"2026-04-01T01:05:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":5,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/download-artifact","old_version":"8.0.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.33.0` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.22.0` | `1.23.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/download-artifact` from 8.0.0 to 8.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for CJK characters in the artifact name by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/471\"\u003eactions/download-artifact#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a regression test for artifact name + content-type mismatches by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/472\"\u003eactions/download-artifact#472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v8...v8.0.1\"\u003ehttps://github.com/actions/download-artifact/compare/v8...v8.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003e\u003ccode\u003e3e5f45b\u003c/code\u003e\u003c/a\u003e Add regression tests for CJK characters (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/e6d03f67377d4412c7aa56a8e2e4988e6ec479dd\"\u003e\u003ccode\u003ee6d03f6\u003c/code\u003e\u003c/a\u003e Add a regression test for artifact name + content-type mismatches (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/472\"\u003e#472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/actions/download-artifact/compare/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/fireflag/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Ffireflag/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4084858024","node_id":"PR_kwDOQqj8l87LCuoP","number":81,"state":"open","title":"chore(deps): bump erlef/setup-beam from 1.22.0 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-16T21:24:03.000Z","updated_at":"2026-03-16T21:24:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.22.0 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.22.0\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/hypatia/pull/81","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fhypatia/issues/81","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/81/packages"},{"uuid":"4082434541","node_id":"PR_kwDOQwL5ec7K63aL","number":36,"state":"open","title":"chore(deps): bump erlef/setup-beam from 1.22.0 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-16T13:16:52.000Z","updated_at":"2026-03-16T13:16:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.22.0 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.22.0\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/ipfs-overlay/pull/36","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fipfs-overlay/issues/36","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/36/packages"},{"uuid":"4080026643","node_id":"PR_kwDOPttR4c7KzCH0","number":69,"state":"closed","title":"build(deps): bump erlef/setup-beam from 1.20.4 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-06T03:37:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-16T03:37:06.000Z","updated_at":"2026-04-06T03:37:13.000Z","time_to_close":1814405,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Brickell-Research/caffeine_lang/pull/69","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Brickell-Research%2Fcaffeine_lang/issues/69","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/69/packages"},{"uuid":"4079926263","node_id":"PR_kwDOLkdYl87Kyuab","number":53,"state":"closed","title":"Bump erlef/setup-beam from 1.20.4 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T02:54:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-16T02:55:29.000Z","updated_at":"2026-03-31T02:54:19.000Z","time_to_close":1295928,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/kzemek/es6_maps/pull/53","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kzemek%2Fes6_maps/issues/53","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/53/packages"},{"uuid":"4077165751","node_id":"PR_kwDOQbHBX87Kqp1p","number":15,"state":"open","title":"chore(deps): bump the actions group with 3 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-15T00:23:40.000Z","updated_at":"2026-03-15T00:23:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":3,"packages":[{"name":"erlef/setup-beam","old_version":"1.21.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.93.7","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 3 updates: [erlef/setup-beam](https://github.com/erlef/setup-beam), [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog).\n\nUpdates `erlef/setup-beam` from 1.21.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `trufflesecurity/trufflehog` from 3.93.7 to 3.93.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trufflesecurity/trufflehog/releases\"\u003etrufflesecurity/trufflehog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.93.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: make LDAP verification context-aware by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4768\"\u003etrufflesecurity/trufflehog#4768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop growing filesystem resume data by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4797\"\u003etrufflesecurity/trufflehog#4797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003e\u003ccode\u003e6c05c4a\u003c/code\u003e\u003c/a\u003e Stop growing filesystem resume data (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4797\"\u003e#4797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/ef63d66d58bb7317d9b220b02af5beae569835ee\"\u003e\u003ccode\u003eef63d66\u003c/code\u003e\u003c/a\u003e fix: make LDAP verification context-aware (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4768\"\u003e#4768\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/c3e599b7163e8198a55467f3133db0e7b2a492cb...6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/civic-connect/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fcivic-connect/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4055242666","node_id":"PR_kwDORenSms7JjuGJ","number":9,"state":"closed","title":"chore(deps): bump erlef/setup-beam from 1.21.0 to 1.22.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-18T02:07:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-11T02:08:44.000Z","updated_at":"2026-03-18T02:07:38.000Z","time_to_close":604732,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.21.0","new_version":"1.22.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.21.0 to 1.22.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump semver from 7.7.2 to 7.7.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/406\"\u003eerlef/setup-beam#406\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eLicense updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for license update automation by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/412\"\u003eerlef/setup-beam#412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/413\"\u003eerlef/setup-beam#413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/414\"\u003eerlef/setup-beam#414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/416\"\u003eerlef/setup-beam#416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/417\"\u003eerlef/setup-beam#417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/411\"\u003eerlef/setup-beam#411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1.21.0...v1.22.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1.21.0...v1.22.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/9d5b75ddfda22fb979d2270283237aef8aa68d6b\"\u003e\u003ccode\u003e9d5b75d\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 98c13a9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/98c13a9ed3d014f0298b25782ec163d31f6b3c88\"\u003e\u003ccode\u003e98c13a9\u003c/code\u003e\u003c/a\u003e Support \u003ccode\u003emise.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/415\"\u003e#415\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0f13bcf18a7fc2199c7096a730e06b4cf105a8fa\"\u003e\u003ccode\u003e0f13bcf\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to c3137f5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/c3137f5cd54be80c81bfcbe43822a4b0521689cb\"\u003e\u003ccode\u003ec3137f5\u003c/code\u003e\u003c/a\u003e Bump globals from 17.3.0 to 17.4.0 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/4cbacdb2a92d48255a8b35e02b20ec42dacf0693\"\u003e\u003ccode\u003e4cbacdb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 687000a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/687000ab96a7e7bcd1870902db74cc514cacae5a\"\u003e\u003ccode\u003e687000a\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/419\"\u003e#419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/9ba6605098a2a5f503b75b7cd48e103835afd663\"\u003e\u003ccode\u003e9ba6605\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-yml from 1.18.0 to 3.3.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/722d91de6ec6f037784d81fb762807fed8639643\"\u003e\u003ccode\u003e722d91d\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f79887d\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f79887d1babe91ea1dfce308d4c8b207564c450d\"\u003e\u003ccode\u003ef79887d\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.0.1 to 10.0.3 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/420\"\u003e#420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/30a0896082f4d05c1f984e3a4b26312a1e6759c1\"\u003e\u003ccode\u003e30a0896\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli from 0.47.0 to 0.48.0 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4...9d5b75ddfda22fb979d2270283237aef8aa68d6b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.21.0\u0026new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattneel/ex_lancedb/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattneel%2Fex_lancedb/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}],"issue_packages":[{"old_version":"1.20.4","new_version":"1.24.0","update_type":"minor","path":null,"pr_created_at":"2026-05-24T02:31:09.000Z","version_change":"1.20.4 → 1.24.0","issue":{"uuid":"4510259779","node_id":"PR_kwDOSGY35c7et5XV","number":22,"state":"closed","title":"chore(deps): Bump the actions group with 12 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-24T05:50:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T02:31:09.000Z","updated_at":"2026-05-24T05:51:30.000Z","time_to_close":11982,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"actions","update_count":12,"packages":[{"name":"actions/checkout","old_version":"4.3.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.2.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/upload-artifact","old_version":"4.6.2","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/github-script","old_version":"8.0.0","new_version":"9.0.0","repository_url":"https://github.com/actions/github-script"}],"path":null,"ecosystem":"actions"},"body":"Updates the requirements on [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action), [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata), [erlef/setup-beam](https://github.com/erlef/setup-beam), [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/github-script](https://github.com/actions/github-script), [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent), [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain), [softprops/action-gh-release](https://github.com/softprops/action-gh-release), [Swatinem/rust-cache](https://github.com/swatinem/rust-cache), [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) and [actions/download-artifact](https://github.com/actions/download-artifact) to permit the latest version.\nUpdates `actions/checkout` from 4.3.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.3.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v4.32.6...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dependabot/fetch-metadata` from 2.2.0 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd permissions to all workflows by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/687\"\u003edependabot/fetch-metadata#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 16.0.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/690\"\u003edependabot/fetch-metadata#690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/693\"\u003edependabot/fetch-metadata#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.10 to 1.19.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/694\"\u003edependabot/fetch-metadata#694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.7 to 4.12.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/695\"\u003edependabot/fetch-metadata#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDynamically update the tracking tag in action by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/696\"\u003edependabot/fetch-metadata#696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: handle duplicate dependency names in parseMetadataLinks by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove $ anchor from updateFragment regex to handle pip directory suffixes by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/698\"\u003edependabot/fetch-metadata#698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates to README for permissions clarification by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/697\"\u003edependabot/fetch-metadata#697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve update-type null for Python, Composer, and Terraform PRs by \u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 17.4.0 to 17.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/703\"\u003edependabot/fetch-metadata#703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/701\"\u003edependabot/fetch-metadata#701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/702\"\u003edependabot/fetch-metadata#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.12 to 4.12.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/705\"\u003edependabot/fetch-metadata#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev3.1.0 by \u003ca href=\"https://github.com/fetch-metadata-action-automation\"\u003e\u003ccode\u003e@​fetch-metadata-action-automation\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/692\"\u003edependabot/fetch-metadata#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/dbb049abf0d677abbd7f7eee0375145b417fdd34...25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1.20.4...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4.6.2 to 7.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the readme with direct upload details by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/795\"\u003eactions/upload-artifact#795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: bump all the example versions to v7 by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/796\"\u003eactions/upload-artifact#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude changes in typespec/ts-http-runtime 0.3.5 by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/797\"\u003eactions/upload-artifact#797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v7...v7.0.1\"\u003ehttps://github.com/actions/upload-artifact/compare/v7...v7.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 8.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See \u003ca href=\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating additional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and examples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The \u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is automatically appended to the user-agent string for request tracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire('@actions/github')\u003c/code\u003e no longer works in scripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9 (ESM-only) means \u003ccode\u003erequire('@actions/github')\u003c/code\u003e will fail at runtime. If you previously used patterns like \u003ccode\u003econst { getOctokit } = require('@actions/github')\u003c/code\u003e to create secondary clients, use the new injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it's available directly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter. Scripts that declare \u003ccode\u003econst getOctokit = ...\u003c/code\u003e or \u003ccode\u003elet getOctokit = ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because JavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e redeclaration of function parameters. Use the injected \u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit = ...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals beyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you may need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade \u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and related packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e from actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e merge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e chore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e from actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e ci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e ci: use deployment: false to suppress deployment noise from integration tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://g...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/natsci-studio/pull/22","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fnatsci-studio/issues/22","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/22/packages"}},{"old_version":"1.18.2","new_version":"1.24.0","update_type":"minor","path":null,"pr_created_at":"2026-05-18T12:40:23.000Z","version_change":"1.18.2 → 1.24.0","issue":{"uuid":"4469171413","node_id":"PR_kwDOQ0Eyfs7cpsv6","number":9,"state":"open","title":"chore(deps): bump the actions group with 13 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T12:40:23.000Z","updated_at":"2026-05-19T05:02:38.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":13,"packages":[{"name":"actions/checkout","old_version":"4.1.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"haskell-actions/setup","old_version":"2.7.5","new_version":"2.11.0","repository_url":"https://github.com/haskell-actions/setup"},{"name":"actions/cache","old_version":"4.0.2","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"actions/configure-pages","old_version":"5.0.0","new_version":"6.0.0","repository_url":"https://github.com/actions/configure-pages"},{"name":"actions/upload-pages-artifact","old_version":"3.0.1","new_version":"5.0.0","repository_url":"https://github.com/actions/upload-pages-artifact"},{"name":"actions/deploy-pages","old_version":"4.0.5","new_version":"5.0.0","repository_url":"https://github.com/actions/deploy-pages"},{"name":"erlef/setup-beam","old_version":"1.18.2","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.35.5","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.2.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"actions/upload-artifact","old_version":"4.6.2","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/github-script","old_version":"8.0.0","new_version":"9.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.93.8","new_version":"3.95.3","repository_url":"https://github.com/trufflesecurity/trufflehog"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 13 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `6.0.2` |\n| [haskell-actions/setup](https://github.com/haskell-actions/setup) | `2.7.5` | `2.11.0` |\n| [actions/cache](https://github.com/actions/cache) | `4.0.2` | `5.0.5` |\n| [actions/configure-pages](https://github.com/actions/configure-pages) | `5.0.0` | `6.0.0` |\n| [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `3.0.1` | `5.0.0` |\n| [actions/deploy-pages](https://github.com/actions/deploy-pages) | `4.0.5` | `5.0.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.18.2` | `1.24.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.35.5` |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.2.0` | `3.1.0` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` |\n| [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.0` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.93.8` | `3.95.3` |\n\nUpdates `actions/checkout` from 4.1.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.1.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haskell-actions/setup` from 2.7.5 to 2.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haskell-actions/setup/releases\"\u003ehaskell-actions/setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.0\u003c/h2\u003e\n\u003cp\u003eGHC: try ghcup first, choco only as fallback\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd GHC 9.12.4 and Stack 3.9.3 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/142\"\u003ehaskell-actions/setup#142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump softprops/action-gh-release from 2 to 3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/143\"\u003ehaskell-actions/setup#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHC: try ghcup first, choco only as fallback by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/144\"\u003ehaskell-actions/setup#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.3...v2.11.0\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.3...v2.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.4\u003c/h2\u003e\n\u003cp\u003eAdd GHC 9.12.4 and Stack 3.9.3\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd GHC 9.12.4 and Stack 3.9.3 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/142\"\u003ehaskell-actions/setup#142\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.3...v2.10.4\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.3...v2.10.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.3\u003c/h2\u003e\n\u003cp\u003eAdd Stack 3.9.1\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Stack 3.9.1 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/138\"\u003ehaskell-actions/setup#138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.2\u003c/h2\u003e\n\u003cp\u003eRemove GHCup vanilla channel from defaults\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove GHCup vanilla channel from defaults by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/137\"\u003ehaskell-actions/setup#137\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/cd0d9bdd65b20557f41bea4dbe43d0b5fbbfe553\"\u003e\u003ccode\u003ecd0d9bd\u003c/code\u003e\u003c/a\u003e GHC: try ghcup first, choco only as fallback\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/4568e6457136c6847fb753cd5ae28b2ba3b42798\"\u003e\u003ccode\u003e4568e64\u003c/code\u003e\u003c/a\u003e Bump softprops/action-gh-release from 2 to 3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/de26526e12bc780fb9d384c1fb61c0bf02e3a40d\"\u003e\u003ccode\u003ede26526\u003c/code\u003e\u003c/a\u003e Add GHC 9.12.4 and Stack 3.9.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/f9150cb1d140e9a9271700670baa38991e6fa25c\"\u003e\u003ccode\u003ef9150cb\u003c/code\u003e\u003c/a\u003e Add Stack 3.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/dc63c94789664bb2910876ec3dfeeaa24d23b96b\"\u003e\u003ccode\u003edc63c94\u003c/code\u003e\u003c/a\u003e Remove GHCup vanilla channel from defaults\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/7786314267139caaaf743fbdb70341b116a8d25d\"\u003e\u003ccode\u003e7786314\u003c/code\u003e\u003c/a\u003e await addGhcupReleaseChannel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/57571745c639e06be44b0a6a5874b874eb8ba392\"\u003e\u003ccode\u003e5757174\u003c/code\u003e\u003c/a\u003e Move all ghcup-add-channel commands into same group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/ca45ec3f5855d88df81d141f6bbe87cf96aa7ede\"\u003e\u003ccode\u003eca45ec3\u003c/code\u003e\u003c/a\u003e Remove broken GHC 9.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/eb29c237a18b47554a426cb75d69844f689dc049\"\u003e\u003ccode\u003eeb29c23\u003c/code\u003e\u003c/a\u003e Use GHCup vanilla and prereleases channels by default\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/243ff44acce6b550747dcb4b9fa8a960b76e3fb0\"\u003e\u003ccode\u003e243ff44\u003c/code\u003e\u003c/a\u003e Add GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haskell-actions/setup/compare/ec49483bfc012387b227434aba94f59a6ecd0900...cd0d9bdd65b20557f41bea4dbe43d0b5fbbfe553\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 4.0.2 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.3\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev.5.0.2\u003c/h2\u003e\n\u003ch1\u003ev5.0.2\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eWhen creating cache entries, 429s returned from the cache service will not be retried.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cstrong\u003e\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eIf you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch1\u003ev5.0.1\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/v4.0.2...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/configure-pages` from 5.0.0 to 6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/configure-pages/releases\"\u003eactions/configure-pages's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node 24 \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/186\"\u003e#186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade IA Publish \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/165\"\u003e#165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/163\"\u003e#163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epin draft release version \u003ca href=\"https://github.com/YiMysty\"\u003e\u003ccode\u003e@​YiMysty\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump espree from 9.6.1 to 10.1.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump eslint-config-prettier from 8.8.0 to 9.1.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBe more friendly to Dependabot \u003ca href=\"https://github.com/yoannchaudet\"\u003e\u003ccode\u003e@​yoannchaudet\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-github from 4.10.2 to 5.0.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.3 to 5.28.4 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee details of \u003ca href=\"https://github.com/actions/configure-pages/compare/v5.0.0...v5.0.1\"\u003eall code changes\u003c/a\u003e since previous release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/45bfe0192ca1faeb007ade9deae92b16b8254a0d\"\u003e\u003ccode\u003e45bfe01\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/186\"\u003e#186\u003c/a\u003e from salmanmkc/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/d8770c2b3b71963902cec525cf516368b4411a78\"\u003e\u003ccode\u003ed8770c2\u003c/code\u003e\u003c/a\u003e Update Node version from 20 to 24 in action.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/cb8a1a32801e6cdb7b111ce13761226bba88f67d\"\u003e\u003ccode\u003ecb8a1a3\u003c/code\u003e\u003c/a\u003e upgrade to node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/d5606572c479bee637007364c6b4800ac4fc8573\"\u003e\u003ccode\u003ed560657\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/165\"\u003e#165\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/35e0ac4e4038e070ce9da26f41143bc3cf3c7e1d\"\u003e\u003ccode\u003e35e0ac4\u003c/code\u003e\u003c/a\u003e Upgrade IA Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/1dfbcbff6519463927204dc279c2e0d307824ee2\"\u003e\u003ccode\u003e1dfbcbf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/163\"\u003e#163\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/2f4f988792f75a5edcc39df0e1661f78999e0348\"\u003e\u003ccode\u003e2f4f988\u003c/code\u003e\u003c/a\u003e Add workflow file for publishing releases to immutable action package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/0d7570ca8762e8c951911e8c9655d8973cc93174\"\u003e\u003ccode\u003e0d7570c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/162\"\u003e#162\u003c/a\u003e from actions/pin-draft-release-verssion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/3ea19669a5cd11c46d23d6578d088b81fe8527e5\"\u003e\u003ccode\u003e3ea1966\u003c/code\u003e\u003c/a\u003e pin draft release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/configure-pages/commit/aabcbc432d6b06d1fd5e8bf3cf756880c35e014d\"\u003e\u003ccode\u003eaabcbc4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/configure-pages/issues/160\"\u003e#160\u003c/a\u003e from actions/dependabot/npm_and_yarn/espree-10.1.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/configure-pages/compare/983d7736d9b0ae728b81ab479565c72886d7745b...45bfe0192ca1faeb007ade9deae92b16b8254a0d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-pages-artifact` from 3.0.1 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-pages-artifact/releases\"\u003eactions/upload-pages-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate upload-artifact action to version 7 \u003ca href=\"https://github.com/Tom-van-Woudenberg\"\u003e\u003ccode\u003e@​Tom-van-Woudenberg\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/139\"\u003e#139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: add \u003ccode\u003einclude-hidden-files\u003c/code\u003e input \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/137\"\u003e#137\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee details of \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/v4.0.0...v4.0.1\"\u003eall code changes\u003c/a\u003e since previous release.\u003c/p\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePotentially breaking change: hidden files (specifically dotfiles) will not be included in the artifact by \u003ca href=\"https://github.com/tsusdere\"\u003e\u003ccode\u003e@​tsusdere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/102\"\u003eactions/upload-pages-artifact#102\u003c/a\u003e\nIf you need to include dotfiles in your artifact: instead of using this action, create your own artifact according to these requirements \u003ca href=\"https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\"\u003ehttps://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA by \u003ca href=\"https://github.com/heavymachinery\"\u003e\u003ccode\u003e@​heavymachinery\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/127\"\u003eactions/upload-pages-artifact#127\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\"\u003ehttps://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/fc324d3547104276b827a68afc52ff2a11cc49c9\"\u003e\u003ccode\u003efc324d3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/139\"\u003e#139\u003c/a\u003e from Tom-van-Woudenberg/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/fe9d4b7d84090e1d8d9c53a0236f810d4e00d2c3\"\u003e\u003ccode\u003efe9d4b7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/0ca16172ca884f0a37117fed41734f29784cc980\"\u003e\u003ccode\u003e0ca1617\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/137\"\u003e#137\u003c/a\u003e from jonchurch/include-hidden-files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/57f0e8492b437b7818227931fef2faa1a379839b\"\u003e\u003ccode\u003e57f0e84\u003c/code\u003e\u003c/a\u003e Update action.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/4a90348b2933470dc78cec55534259872a6d3c0d\"\u003e\u003ccode\u003e4a90348\u003c/code\u003e\u003c/a\u003e v7 --\u0026gt; hash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/56f665a6f297fa95f8d735b314187fb2d7764569\"\u003e\u003ccode\u003e56f665a\u003c/code\u003e\u003c/a\u003e Update upload-artifact action to version 7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/f7615f5917213b24245d49ba96693d0f5375a414\"\u003e\u003ccode\u003ef7615f5\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003einclude-hidden-files\u003c/code\u003e input\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/7b1f4a764d45c48632c6b24a0339c27f5614fb0b\"\u003e\u003ccode\u003e7b1f4a7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/127\"\u003e#127\u003c/a\u003e from heavymachinery/pin-sha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/4cc19c7d3f3e6c87c68366501382a03c8b1ba6db\"\u003e\u003ccode\u003e4cc19c7\u003c/code\u003e\u003c/a\u003e Pin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/2d163be3ddce01512f3eea7ac5b7023b5d643ce1\"\u003e\u003ccode\u003e2d163be\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/107\"\u003e#107\u003c/a\u003e from KittyChiu/main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/56afc609e74202658d3ffba0e8f6dda462b719fa...fc324d3547104276b827a68afc52ff2a11cc49c9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/deploy-pages` from 4.0.5 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/deploy-pages/releases\"\u003eactions/deploy-pages's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version to 24.x \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group across 1 directory \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/360\"\u003e#360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake the rebuild dist workflow work nicer with Dependabot \u003ca href=\"https://github.com/yoannchaudet\"\u003e\u003ccode\u003e@​yoannchaudet\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the non-breaking-changes group across 1 directory with 3 updates \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/358\"\u003e#358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDelete repeated sentence \u003ca href=\"https://github.com/garethsb\"\u003e\u003ccode\u003e@​garethsb\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate README.md \u003ca href=\"https://github.com/tsusdere\"\u003e\u003ccode\u003e@​tsusdere\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/348\"\u003e#348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the non-breaking-changes group with 4 updates \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/341\"\u003e#341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove error message for file permissions \u003ca href=\"https://github.com/TooManyBees\"\u003e\u003ccode\u003e@​TooManyBees\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/340\"\u003e#340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eSee details of \u003ca href=\"https://github.com/actions/deploy-pages/compare/v4.0.5...v4.0.6\"\u003eall code changes\u003c/a\u003e since previous release.\u003c/p\u003e\n\u003cp\u003e:warning: For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the \u003ca href=\"https://github.com/actions/deploy-pages/#compatibility\"\u003ecompatibility table\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/cd2ce8fcbc39b97be8ca5fce6e763baed58fa128\"\u003e\u003ccode\u003ecd2ce8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/404\"\u003e#404\u003c/a\u003e from salmanmkc/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/bbe2a950ee52d4f5cbe74e6d9d6a8803676e91d5\"\u003e\u003ccode\u003ebbe2a95\u003c/code\u003e\u003c/a\u003e Update Node.js version to 24.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/854d7aa1b99e4509c4d1b53d69b7ba4eaf39215a\"\u003e\u003ccode\u003e854d7aa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/374\"\u003e#374\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/306bb814f29679fd12f0e4b0014bc1f3a7e7f4bc\"\u003e\u003ccode\u003e306bb81\u003c/code\u003e\u003c/a\u003e Add workflow file for publishing releases to immutable action package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/b74272834adc04f971da4b0b055c49fa8d7f90c9\"\u003e\u003ccode\u003eb742728\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/360\"\u003e#360\u003c/a\u003e from actions/dependabot/npm_and_yarn/npm_and_yarn-513...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/72732942c639e67ea3f70165fd2e012dd6d95027\"\u003e\u003ccode\u003e7273294\u003c/code\u003e\u003c/a\u003e Bump braces in the npm_and_yarn group across 1 directory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/963791f01c40ef3eff219c255dbfb97a6f2c9f87\"\u003e\u003ccode\u003e963791f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/361\"\u003e#361\u003c/a\u003e from actions/dependabot-friendly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/51bb29d9d7bfe15d731c4957ce1887b5ae8c6727\"\u003e\u003ccode\u003e51bb29d\u003c/code\u003e\u003c/a\u003e Make the rebuild dist workflow safer for Dependabot\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/89f3d10406f57ee86e6517a982b3fb0438bd6dc5\"\u003e\u003ccode\u003e89f3d10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/deploy-pages/issues/358\"\u003e#358\u003c/a\u003e from actions/dependabot/npm_and_yarn/non-breaking-cha...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/deploy-pages/commit/bce735589bbbfa569f1d2ac003277b590d743e4c\"\u003e\u003ccode\u003ebce7355\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/deploy-pages/compare/d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e...cd2ce8fcbc39b97be8ca5fce6e763baed58fa128\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.18.2 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1.18.2...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.35.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/seamstress/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fseamstress/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"1.20.4","new_version":"1.24.0","update_type":"minor","path":null,"pr_created_at":"2026-05-01T21:57:49.000Z","version_change":"1.20.4 → 1.24.0","issue":{"uuid":"4366846053","node_id":"PR_kwDOPiJIA87XioU4","number":41,"state":"closed","title":"deps: Bump the actions group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-14T00:41:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-01T21:57:49.000Z","updated_at":"2026-05-14T00:41:08.000Z","time_to_close":1046597,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"actions","update_count":8,"packages":[{"name":"step-security/harden-runner","old_version":"2.14.2","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"},{"name":"KineticCafe/actions-dco","old_version":"2.0.0","new_version":"2.1.1","repository_url":"https://github.com/kineticcafe/actions-dco"},{"name":"actions/checkout","old_version":"6.0.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"actions/dependency-review-action","old_version":"4.8.2","new_version":"4.9.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/cache","old_version":"5.0.1","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"reviewdog/action-actionlint","old_version":"1.69.1","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"zizmorcore/zizmor-action","old_version":"0.3.0","new_version":"0.5.3","repository_url":"https://github.com/zizmorcore/zizmor-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.2` | `2.19.0` |\n| [KineticCafe/actions-dco](https://github.com/kineticcafe/actions-dco) | `2.0.0` | `2.1.1` |\n| [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.2` | `4.9.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.20.4` | `1.24.0` |\n| [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.5` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.69.1` | `1.72.0` |\n| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.3.0` | `0.5.3` |\n\n\nUpdates `step-security/harden-runner` from 2.14.2 to 2.19.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/5ef0c079ce82195b2a36a210272d6b661572d83e...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `KineticCafe/actions-dco` from 2.0.0 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kineticcafe/actions-dco/releases\"\u003eKineticCafe/actions-dco's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: bump actions/checkout from 5.0.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/197\"\u003eKineticCafe/actions-dco#197\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump actions/setup-node from 6.0.0 to 6.1.0 in the actions group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/200\"\u003eKineticCafe/actions-dco#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/KineticCafe/actions-dco/compare/v2.1.0...v2.1.1\"\u003ehttps://github.com/KineticCafe/actions-dco/compare/v2.1.0...v2.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: Bump pnpm/action-setup from 4.1.0 to 4.2.0 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/189\"\u003eKineticCafe/actions-dco#189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump actions/upload-artifact from 4.6.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/192\"\u003eKineticCafe/actions-dco#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump actions/setup-node from 5.0.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/190\"\u003eKineticCafe/actions-dco#190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump the bundler group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/191\"\u003eKineticCafe/actions-dco#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump js-yaml from 4.1.0 to 4.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/193\"\u003eKineticCafe/actions-dco#193\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Escape the \u003ccode\u003ereason\u003c/code\u003e in the summary table by \u003ca href=\"https://github.com/halostatue\"\u003e\u003ccode\u003e@​halostatue\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/KineticCafe/actions-dco/pull/199\"\u003eKineticCafe/actions-dco#199\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/KineticCafe/actions-dco/compare/v2.0.0...v2.1.0\"\u003ehttps://github.com/KineticCafe/actions-dco/compare/v2.0.0...v2.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/KineticCafe/actions-dco/blob/main/Changelog.md\"\u003eKineticCafe/actions-dco's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eKineticCafe/actions-dco Changelog\u003c/h1\u003e\n\u003ch2\u003e2.1.0 / 2025-12-17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgraded dependencies.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded a possible workaround to \u003ca href=\"https://redirect.github.com/kineticcafe/actions-dco/issues/198\"\u003e#198\u003c/a\u003e[issue-198].\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.0 / 2025-10-17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgraded dependencies and set runtime as Node v24.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.8 / 2025-09-07\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.7 / 2025-08-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump version number as it was forgotten for 1.3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.6 / 2025-08-17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade dependencies.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded debug logs to try to debug \u003ca href=\"https://redirect.github.com/kineticcafe/actions-dco/issues/169\"\u003e#169\u003c/a\u003e[issue-169].\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChange \u003ccode\u003egitSignoffs\u003c/code\u003e to use \u003ccode\u003eString.prototype.matchAll()\u003c/code\u003e instead of\n\u003ccode\u003eRegexp.prototype.exec()\u003c/code\u003e, and to use named capture groups. While I don't\nexpect this to fix \u003ca href=\"https://redirect.github.com/kineticcafe/actions-dco/issues/169\"\u003e#169\u003c/a\u003e[issue-169] based on the example data provided, it\nshould result in improved pattern matching across multiple commits.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.5 / 2025-08-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.4 / 2025-03-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.3 / 2025-02-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies, resolving a potential security issue.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.2 / 2024-12-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.1 / 2024-11-01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/6e1652ef3027ce128e65e6edd215ae053350bd16\"\u003e\u003ccode\u003e6e1652e\u003c/code\u003e\u003c/a\u003e chore: Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/cd037df4d37aecd7cf7401e9a4a7ab89da941be4\"\u003e\u003ccode\u003ecd037df\u003c/code\u003e\u003c/a\u003e deps: bump actions/setup-node in the actions group across 1 directory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/07b1ace348de5211cb9d258b6ca14cd7eff24a0d\"\u003e\u003ccode\u003e07b1ace\u003c/code\u003e\u003c/a\u003e chore: Update dist to try to fix a token issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/b256b18a6f7ade986e2f6f10ae4e2ca150e23671\"\u003e\u003ccode\u003eb256b18\u003c/code\u003e\u003c/a\u003e deps: bump actions/checkout from 5.0.0 to 6.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/76b7fc30ff5988e68d01ea07deeaf7e71256598f\"\u003e\u003ccode\u003e76b7fc3\u003c/code\u003e\u003c/a\u003e fix: Escape the \u003ccode\u003ereason\u003c/code\u003e in the summary table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/bc076f26f1031526c102fc674c5e9daf3bd0069a\"\u003e\u003ccode\u003ebc076f2\u003c/code\u003e\u003c/a\u003e deps: Update dist/ after dependabot update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/3899b64419b9540830bf21edb396445324baface\"\u003e\u003ccode\u003e3899b64\u003c/code\u003e\u003c/a\u003e deps: Add autofix capability to Dependabot PRs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/dc1cf81203f802ca4782e0134bbad6c449eb4fe9\"\u003e\u003ccode\u003edc1cf81\u003c/code\u003e\u003c/a\u003e deps: bump js-yaml from 4.1.0 to 4.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/28c71a1f4cb5ffb179e8aac7a3f2df6f90e12a72\"\u003e\u003ccode\u003e28c71a1\u003c/code\u003e\u003c/a\u003e deps: bump the bundler group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KineticCafe/actions-dco/commit/7fc90a9ac55ce37431299c5245bd64aabf864f05\"\u003e\u003ccode\u003e7fc90a9\u003c/code\u003e\u003c/a\u003e deps: bump actions/setup-node from 5.0.0 to 6.0.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kineticcafe/actions-dco/compare/cd9508e5ae82413fbd74b20af21551db0ea3eb78...6e1652ef3027ce128e65e6edd215ae053350bd16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/checkout` from 6.0.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.8.2 to 4.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github/codeql-action from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1003\"\u003eactions/dependency-review-action#1003\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1005\"\u003eactions/dependency-review-action#1005\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade glob to address a vulnerability by \u003ca href=\"https://github.com/brrygrdn\"\u003e\u003ccode\u003e@​brrygrdn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1024\"\u003eactions/dependency-review-action#1024\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1020\"\u003eactions/dependency-review-action#1020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAddressing vulnerabilities by \u003ca href=\"https://github.com/Ahmed3lmallah\"\u003e\u003ccode\u003e@​Ahmed3lmallah\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1036\"\u003eactions/dependency-review-action#1036\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.3 to 5.3.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1050\"\u003eactions/dependency-review-action#1050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.5 to 5.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1053\"\u003eactions/dependency-review-action#1053\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperly truncate long summaries and catch errors by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1052\"\u003eactions/dependency-review-action#1052\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-expression-parse from 3.0.1 to 4.0.0 in the spdx-licenses group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/931\"\u003eactions/dependency-review-action#931\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChanges for Release 4.8.3 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1054\"\u003eactions/dependency-review-action#1054\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/2031cfc080254a8a887f58cffee85186f0e49e48\"\u003e\u003ccode\u003e2031cfc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1064\"\u003e#1064\u003c/a\u003e from actions/ahpook/release-4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/d02fa39f790d6e8a4ecafab5848251ff12c20df7\"\u003e\u003ccode\u003ed02fa39\u003c/code\u003e\u003c/a\u003e Updates for release 4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/4038a34c4b30f7c11a7d45dc8dbea40e2211aa27\"\u003e\u003ccode\u003e4038a34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1021\"\u003e#1021\u003c/a\u003e from actions/dependabot/github_actions/actions/check...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a632b8386b2cc2b1b99427606b513f7632d27e91\"\u003e\u003ccode\u003ea632b83\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1058\"\u003e#1058\u003c/a\u003e from actions/dependabot/github_actions/actions/stale...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/57a3d46a7be2c2e259fa3284ffc501296337f2ac\"\u003e\u003ccode\u003e57a3d46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1060\"\u003e#1060\u003c/a\u003e from jantiebot/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/5ecdc4b5781cdabdfe233d6e58ec18eac23e275d\"\u003e\u003ccode\u003e5ecdc4b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1045\"\u003e#1045\u003c/a\u003e from forks-felickz/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e8c2f9a12c568d6f36f8d3a9935a6c71afc691f5\"\u003e\u003ccode\u003ee8c2f9a\u003c/code\u003e\u003c/a\u003e fix: remove inferrable type annotation to pass eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/0e129e113c878bfe7c1abf6c6d94b180cbf71086\"\u003e\u003ccode\u003e0e129e1\u003c/code\u003e\u003c/a\u003e Prettier  - Refactor summary table rendering for improved readability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/aa60746a920d63ce55376f67d381e15edd3a714d\"\u003e\u003ccode\u003eaa60746\u003c/code\u003e\u003c/a\u003e Add 'show-patched-versions' option to configuration and update summary handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e4047984002250b82268ac37f613ab74366e1d85\"\u003e\u003ccode\u003ee404798\u003c/code\u003e\u003c/a\u003e Merge upstream actions/dependency-review-action main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261...2031cfc080254a8a887f58cffee85186f0e49e48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 5.0.1 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.3\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev.5.0.2\u003c/h2\u003e\n\u003ch1\u003ev5.0.2\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eWhen creating cache entries, 429s returned from the cache service will not be retried.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `reviewdog/action-actionlint` from 1.69.1 to 1.72.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/reviewdog/action-actionlint/releases\"\u003ereviewdog/action-actionlint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.72.0\u003c/h2\u003e\n\u003cp\u003ev1.72.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e - chore(deps): update actionlint to 1.7.12\u003c/p\u003e\n\u003ch2\u003eRelease v1.71.0\u003c/h2\u003e\n\u003cp\u003ev1.71.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/193\"\u003e#193\u003c/a\u003e - chore(deps): update actionlint to 1.7.11\u003c/p\u003e\n\u003ch2\u003eRelease v1.70.0\u003c/h2\u003e\n\u003cp\u003ev1.70.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/191\"\u003e#191\u003c/a\u003e - chore(deps): update actionlint to 1.7.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003e\u003ccode\u003e6fb7acc\u003c/code\u003e\u003c/a\u003e bump v1.72.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/b2a904a8c140063d06dc5319ba69a672d7a4909d\"\u003e\u003ccode\u003eb2a904a\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into releases/v1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/5eaffa19a1991ecc52b11eddcdd57760d1ac7e3d\"\u003e\u003ccode\u003e5eaffa1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e from reviewdog/depup/actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/39a67548aa7718c321746aa5a54a9e8034505cde\"\u003e\u003ccode\u003e39a6754\u003c/code\u003e\u003c/a\u003e chore(deps): update actionlint to 1.7.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/d39025c0fb1cc41ac827852403ea94804b0e6907\"\u003e\u003ccode\u003ed39025c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/195\"\u003e#195\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/2e8272d25ca2b89be8abc6a0b65c8c5e8a5eae05\"\u003e\u003ccode\u003e2e8272d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/194\"\u003e#194\u003c/a\u003e from reviewdog/renovate/docker-setup-qemu-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/128d9b7b1e43f8eaef5602138f5c9f80ee3c3149\"\u003e\u003ccode\u003e128d9b7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/190\"\u003e#190\u003c/a\u003e from reviewdog/renovate/shogo82148-actions-create-rel...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/1674e4f79a2bf9c94d1d301e60b8f8226eea0137\"\u003e\u003ccode\u003e1674e4f\u003c/code\u003e\u003c/a\u003e chore(deps): update docker/setup-buildx-action action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/8fdb9d20764d93bca3a294fe7fd615fcf8a82332\"\u003e\u003ccode\u003e8fdb9d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/189\"\u003e#189\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-3.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/a518ce8798c4eda875ca9e369388679ec67ac3ac\"\u003e\u003ccode\u003ea518ce8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/188\"\u003e#188\u003c/a\u003e from reviewdog/renovate/peter-evans-create-pull-reque...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/reviewdog/action-actionlint/compare/83e4ed25b168066ad8f62f5afbb29ebd8641d982...6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zizmorcore/zizmor-action` from 0.3.0 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zizmorcore/zizmor-action/releases\"\u003ezizmorcore/zizmor-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e1.24.0\u003c/code\u003e and \u003ccode\u003e1.24.1\u003c/code\u003e are now available via the action\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e1.24.1\u003c/code\u003e is now the default version of zizmor used by the action\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.1 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.0 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eoutput-file\u003c/code\u003e as an output when \u003ccode\u003eadvanced-security: true\u003c/code\u003e by \u003ca href=\"https://github.com/unlobito\"\u003e\u003ccode\u003e@​unlobito\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/pull/87\"\u003ezizmorcore/zizmor-action#87\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/unlobito\"\u003e\u003ccode\u003e@​unlobito\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/pull/87\"\u003ezizmorcore/zizmor-action#87\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.4.1...v0.5.0\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.4.1...v0.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.4.1\u003c/h2\u003e\n\u003cp\u003eThis version fixes an error in the 0.4.0 release that prevented non-relative use\nof the action.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix version file path by \u003ca href=\"https://github.com/woodruffw\"\u003e\u003ccode\u003e@​woodruffw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/pull/83\"\u003ezizmorcore/zizmor-action#83\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.4.0\u003c/h2\u003e\n\u003cp\u003eThis new version of \u003ccode\u003ezizmor-action\u003c/code\u003e brings two major changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe new \u003ccode\u003efail-on-no-inputs\u003c/code\u003e option can be used to control whether\n\u003ccode\u003ezizmor-action\u003c/code\u003e fails if no inputs were collected by \u003ccode\u003ezizmor\u003c/code\u003e. The default\nremains \u003ccode\u003etrue\u003c/code\u003e, reflecting the pre-existing behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe action's use of the official \u003ccode\u003ezizmor\u003c/code\u003e Docker images is now fully\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003e\u003ccode\u003eb1d7e1f\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/a195b57475917ddcb70845e5ffe1c3a15dbbdedc\"\u003e\u003ccode\u003ea195b57\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/629d5d01fe5939a6aeae25c1bd1acd2cfa28e9b2\"\u003e\u003ccode\u003e629d5d0\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/453d591467e8199b1d5c6883b6ec5c22a12aac72\"\u003e\u003ccode\u003e453d591\u003c/code\u003e\u003c/a\u003e chore(deps): bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/ea2c18b942410df0b22bed3b94c361c407518d45\"\u003e\u003ccode\u003eea2c18b\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8\"\u003e\u003ccode\u003e71321a2\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/5ed31db0964a9d37608edd5b0675de2b52070662\"\u003e\u003ccode\u003e5ed31db\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/195d10ad90f31d8cd6ea1efd6ecc12969ddbe73f\"\u003e\u003ccode\u003e195d10a\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/94\"\u003e#94\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c65bc8876171b6d82748ec98b77c0193b1226b94\"\u003e\u003ccode\u003ec65bc88\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c2c887f84674f9c15123e2905d2d307675d8bc01\"\u003e\u003ccode\u003ec2c887f\u003c/code\u003e\u003c/a\u003e chore(deps): bump zizmorcore/zizmor-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/91\"\u003e#91\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/e639db99335bc9038abc0e066dfcd72e23d26fb4...b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/halostatue/mnemonist/pull/41","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/halostatue%2Fmnemonist/issues/41","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/41/packages"}},{"old_version":"1.20.4","new_version":"1.24.0","update_type":"minor","path":null,"pr_created_at":"2026-05-01T06:16:04.000Z","version_change":"1.20.4 → 1.24.0","issue":{"uuid":"4363130601","node_id":"PR_kwDORF6wcM7XWw7M","number":9,"state":"closed","title":"deps: Bump the actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-13T04:19:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-01T06:16:04.000Z","updated_at":"2026-05-13T04:19:19.000Z","time_to_close":1029793,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"actions","update_count":6,"packages":[{"name":"step-security/harden-runner","old_version":"2.14.2","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"},{"name":"actions/dependency-review-action","old_version":"4.8.3","new_version":"4.9.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/cache","old_version":"5.0.3","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"reviewdog/action-actionlint","old_version":"1.71.0","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"zizmorcore/zizmor-action","old_version":"0.5.0","new_version":"0.5.3","repository_url":"https://github.com/zizmorcore/zizmor-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.2` | `2.19.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.3` | `4.9.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.20.4` | `1.24.0` |\n| [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.5` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.71.0` | `1.72.0` |\n| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.0` | `0.5.3` |\n\n\nUpdates `step-security/harden-runner` from 2.14.2 to 2.19.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/5ef0c079ce82195b2a36a210272d6b661572d83e...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.8.3 to 4.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/2031cfc080254a8a887f58cffee85186f0e49e48\"\u003e\u003ccode\u003e2031cfc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1064\"\u003e#1064\u003c/a\u003e from actions/ahpook/release-4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/d02fa39f790d6e8a4ecafab5848251ff12c20df7\"\u003e\u003ccode\u003ed02fa39\u003c/code\u003e\u003c/a\u003e Updates for release 4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/4038a34c4b30f7c11a7d45dc8dbea40e2211aa27\"\u003e\u003ccode\u003e4038a34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1021\"\u003e#1021\u003c/a\u003e from actions/dependabot/github_actions/actions/check...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a632b8386b2cc2b1b99427606b513f7632d27e91\"\u003e\u003ccode\u003ea632b83\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1058\"\u003e#1058\u003c/a\u003e from actions/dependabot/github_actions/actions/stale...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/57a3d46a7be2c2e259fa3284ffc501296337f2ac\"\u003e\u003ccode\u003e57a3d46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1060\"\u003e#1060\u003c/a\u003e from jantiebot/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/5ecdc4b5781cdabdfe233d6e58ec18eac23e275d\"\u003e\u003ccode\u003e5ecdc4b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1045\"\u003e#1045\u003c/a\u003e from forks-felickz/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e8c2f9a12c568d6f36f8d3a9935a6c71afc691f5\"\u003e\u003ccode\u003ee8c2f9a\u003c/code\u003e\u003c/a\u003e fix: remove inferrable type annotation to pass eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/0e129e113c878bfe7c1abf6c6d94b180cbf71086\"\u003e\u003ccode\u003e0e129e1\u003c/code\u003e\u003c/a\u003e Prettier  - Refactor summary table rendering for improved readability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/aa60746a920d63ce55376f67d381e15edd3a714d\"\u003e\u003ccode\u003eaa60746\u003c/code\u003e\u003c/a\u003e Add 'show-patched-versions' option to configuration and update summary handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e4047984002250b82268ac37f613ab74366e1d85\"\u003e\u003ccode\u003ee404798\u003c/code\u003e\u003c/a\u003e Merge upstream actions/dependency-review-action main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/05fe4576374b728f0c523d6a13d64c25081e0803...2031cfc080254a8a887f58cffee85186f0e49e48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 5.0.3 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/cdf6c1fa76f9f475f3d7449005a359c84ca0f306...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `reviewdog/action-actionlint` from 1.71.0 to 1.72.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/reviewdog/action-actionlint/releases\"\u003ereviewdog/action-actionlint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.72.0\u003c/h2\u003e\n\u003cp\u003ev1.72.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e - chore(deps): update actionlint to 1.7.12\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003e\u003ccode\u003e6fb7acc\u003c/code\u003e\u003c/a\u003e bump v1.72.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/b2a904a8c140063d06dc5319ba69a672d7a4909d\"\u003e\u003ccode\u003eb2a904a\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into releases/v1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/5eaffa19a1991ecc52b11eddcdd57760d1ac7e3d\"\u003e\u003ccode\u003e5eaffa1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e from reviewdog/depup/actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/39a67548aa7718c321746aa5a54a9e8034505cde\"\u003e\u003ccode\u003e39a6754\u003c/code\u003e\u003c/a\u003e chore(deps): update actionlint to 1.7.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/d39025c0fb1cc41ac827852403ea94804b0e6907\"\u003e\u003ccode\u003ed39025c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/195\"\u003e#195\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/2e8272d25ca2b89be8abc6a0b65c8c5e8a5eae05\"\u003e\u003ccode\u003e2e8272d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/194\"\u003e#194\u003c/a\u003e from reviewdog/renovate/docker-setup-qemu-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/128d9b7b1e43f8eaef5602138f5c9f80ee3c3149\"\u003e\u003ccode\u003e128d9b7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/190\"\u003e#190\u003c/a\u003e from reviewdog/renovate/shogo82148-actions-create-rel...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/1674e4f79a2bf9c94d1d301e60b8f8226eea0137\"\u003e\u003ccode\u003e1674e4f\u003c/code\u003e\u003c/a\u003e chore(deps): update docker/setup-buildx-action action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/8fdb9d20764d93bca3a294fe7fd615fcf8a82332\"\u003e\u003ccode\u003e8fdb9d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/189\"\u003e#189\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-3.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/a518ce8798c4eda875ca9e369388679ec67ac3ac\"\u003e\u003ccode\u003ea518ce8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/188\"\u003e#188\u003c/a\u003e from reviewdog/renovate/peter-evans-create-pull-reque...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/reviewdog/action-actionlint/compare/0d952c597ef8459f634d7145b0b044a9699e5e43...6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zizmorcore/zizmor-action` from 0.5.0 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zizmorcore/zizmor-action/releases\"\u003ezizmorcore/zizmor-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e1.24.0\u003c/code\u003e and \u003ccode\u003e1.24.1\u003c/code\u003e are now available via the action\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e1.24.1\u003c/code\u003e is now the default version of zizmor used by the action\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.1 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.0 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003e\u003ccode\u003eb1d7e1f\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/a195b57475917ddcb70845e5ffe1c3a15dbbdedc\"\u003e\u003ccode\u003ea195b57\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/629d5d01fe5939a6aeae25c1bd1acd2cfa28e9b2\"\u003e\u003ccode\u003e629d5d0\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/453d591467e8199b1d5c6883b6ec5c22a12aac72\"\u003e\u003ccode\u003e453d591\u003c/code\u003e\u003c/a\u003e chore(deps): bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/ea2c18b942410df0b22bed3b94c361c407518d45\"\u003e\u003ccode\u003eea2c18b\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8\"\u003e\u003ccode\u003e71321a2\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/5ed31db0964a9d37608edd5b0675de2b52070662\"\u003e\u003ccode\u003e5ed31db\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/195d10ad90f31d8cd6ea1efd6ecc12969ddbe73f\"\u003e\u003ccode\u003e195d10a\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/94\"\u003e#94\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c65bc8876171b6d82748ec98b77c0193b1226b94\"\u003e\u003ccode\u003ec65bc88\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c2c887f84674f9c15123e2905d2d307675d8bc01\"\u003e\u003ccode\u003ec2c887f\u003c/code\u003e\u003c/a\u003e chore(deps): bump zizmorcore/zizmor-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/91\"\u003e#91\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d...b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/halostatue/mdex_video_embed/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/halostatue%2Fmdex_video_embed/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"1.20.4","new_version":"1.24.0","update_type":"minor","path":null,"pr_created_at":"2026-05-01T00:52:36.000Z","version_change":"1.20.4 → 1.24.0","issue":{"uuid":"4362183912","node_id":"PR_kwDOQxSRdc7XTxzJ","number":11,"state":"closed","title":"deps: Bump the actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-14T00:27:26.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-01T00:52:36.000Z","updated_at":"2026-05-14T00:27:27.000Z","time_to_close":1121690,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"actions","update_count":6,"packages":[{"name":"step-security/harden-runner","old_version":"2.14.2","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"},{"name":"actions/dependency-review-action","old_version":"4.8.3","new_version":"4.9.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/cache","old_version":"5.0.3","new_version":"5.0.5","repository_url":"https://github.com/actions/cache"},{"name":"reviewdog/action-actionlint","old_version":"1.71.0","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"zizmorcore/zizmor-action","old_version":"0.5.0","new_version":"0.5.3","repository_url":"https://github.com/zizmorcore/zizmor-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.2` | `2.19.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.3` | `4.9.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.20.4` | `1.24.0` |\n| [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.5` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.71.0` | `1.72.0` |\n| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.0` | `0.5.3` |\n\n\nUpdates `step-security/harden-runner` from 2.14.2 to 2.19.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/5ef0c079ce82195b2a36a210272d6b661572d83e...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.8.3 to 4.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/2031cfc080254a8a887f58cffee85186f0e49e48\"\u003e\u003ccode\u003e2031cfc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1064\"\u003e#1064\u003c/a\u003e from actions/ahpook/release-4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/d02fa39f790d6e8a4ecafab5848251ff12c20df7\"\u003e\u003ccode\u003ed02fa39\u003c/code\u003e\u003c/a\u003e Updates for release 4.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/4038a34c4b30f7c11a7d45dc8dbea40e2211aa27\"\u003e\u003ccode\u003e4038a34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1021\"\u003e#1021\u003c/a\u003e from actions/dependabot/github_actions/actions/check...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a632b8386b2cc2b1b99427606b513f7632d27e91\"\u003e\u003ccode\u003ea632b83\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1058\"\u003e#1058\u003c/a\u003e from actions/dependabot/github_actions/actions/stale...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/57a3d46a7be2c2e259fa3284ffc501296337f2ac\"\u003e\u003ccode\u003e57a3d46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1060\"\u003e#1060\u003c/a\u003e from jantiebot/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/5ecdc4b5781cdabdfe233d6e58ec18eac23e275d\"\u003e\u003ccode\u003e5ecdc4b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1045\"\u003e#1045\u003c/a\u003e from forks-felickz/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e8c2f9a12c568d6f36f8d3a9935a6c71afc691f5\"\u003e\u003ccode\u003ee8c2f9a\u003c/code\u003e\u003c/a\u003e fix: remove inferrable type annotation to pass eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/0e129e113c878bfe7c1abf6c6d94b180cbf71086\"\u003e\u003ccode\u003e0e129e1\u003c/code\u003e\u003c/a\u003e Prettier  - Refactor summary table rendering for improved readability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/aa60746a920d63ce55376f67d381e15edd3a714d\"\u003e\u003ccode\u003eaa60746\u003c/code\u003e\u003c/a\u003e Add 'show-patched-versions' option to configuration and update summary handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/e4047984002250b82268ac37f613ab74366e1d85\"\u003e\u003ccode\u003ee404798\u003c/code\u003e\u003c/a\u003e Merge upstream actions/dependency-review-action main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/05fe4576374b728f0c523d6a13d64c25081e0803...2031cfc080254a8a887f58cffee85186f0e49e48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.20.4 to 1.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 5.0.3 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate ts-http-runtime dependency by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1747\"\u003eactions/cache#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.5\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/cdf6c1fa76f9f475f3d7449005a359c84ca0f306...27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `reviewdog/action-actionlint` from 1.71.0 to 1.72.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/reviewdog/action-actionlint/releases\"\u003ereviewdog/action-actionlint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.72.0\u003c/h2\u003e\n\u003cp\u003ev1.72.0: PR \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e - chore(deps): update actionlint to 1.7.12\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003e\u003ccode\u003e6fb7acc\u003c/code\u003e\u003c/a\u003e bump v1.72.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/b2a904a8c140063d06dc5319ba69a672d7a4909d\"\u003e\u003ccode\u003eb2a904a\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into releases/v1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/5eaffa19a1991ecc52b11eddcdd57760d1ac7e3d\"\u003e\u003ccode\u003e5eaffa1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/196\"\u003e#196\u003c/a\u003e from reviewdog/depup/actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/39a67548aa7718c321746aa5a54a9e8034505cde\"\u003e\u003ccode\u003e39a6754\u003c/code\u003e\u003c/a\u003e chore(deps): update actionlint to 1.7.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/d39025c0fb1cc41ac827852403ea94804b0e6907\"\u003e\u003ccode\u003ed39025c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/195\"\u003e#195\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/2e8272d25ca2b89be8abc6a0b65c8c5e8a5eae05\"\u003e\u003ccode\u003e2e8272d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/194\"\u003e#194\u003c/a\u003e from reviewdog/renovate/docker-setup-qemu-action-4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/128d9b7b1e43f8eaef5602138f5c9f80ee3c3149\"\u003e\u003ccode\u003e128d9b7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/190\"\u003e#190\u003c/a\u003e from reviewdog/renovate/shogo82148-actions-create-rel...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/1674e4f79a2bf9c94d1d301e60b8f8226eea0137\"\u003e\u003ccode\u003e1674e4f\u003c/code\u003e\u003c/a\u003e chore(deps): update docker/setup-buildx-action action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/8fdb9d20764d93bca3a294fe7fd615fcf8a82332\"\u003e\u003ccode\u003e8fdb9d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/189\"\u003e#189\u003c/a\u003e from reviewdog/renovate/docker-setup-buildx-action-3.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reviewdog/action-actionlint/commit/a518ce8798c4eda875ca9e369388679ec67ac3ac\"\u003e\u003ccode\u003ea518ce8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/reviewdog/action-actionlint/issues/188\"\u003e#188\u003c/a\u003e from reviewdog/renovate/peter-evans-create-pull-reque...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/reviewdog/action-actionlint/compare/0d952c597ef8459f634d7145b0b044a9699e5e43...6fb7acc99f4a1008869fa8a0f09cfca740837d9d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zizmorcore/zizmor-action` from 0.5.0 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zizmorcore/zizmor-action/releases\"\u003ezizmorcore/zizmor-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e1.24.0\u003c/code\u003e and \u003ccode\u003e1.24.1\u003c/code\u003e are now available via the action\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e1.24.1\u003c/code\u003e is now the default version of zizmor used by the action\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.2...v0.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.1 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ezizmor 1.23.0 is now the default used by this action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\"\u003ehttps://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003e\u003ccode\u003eb1d7e1f\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/a195b57475917ddcb70845e5ffe1c3a15dbbdedc\"\u003e\u003ccode\u003ea195b57\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/629d5d01fe5939a6aeae25c1bd1acd2cfa28e9b2\"\u003e\u003ccode\u003e629d5d0\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/453d591467e8199b1d5c6883b6ec5c22a12aac72\"\u003e\u003ccode\u003e453d591\u003c/code\u003e\u003c/a\u003e chore(deps): bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/ea2c18b942410df0b22bed3b94c361c407518d45\"\u003e\u003ccode\u003eea2c18b\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8\"\u003e\u003ccode\u003e71321a2\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/5ed31db0964a9d37608edd5b0675de2b52070662\"\u003e\u003ccode\u003e5ed31db\u003c/code\u003e\u003c/a\u003e Bump pins (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/195d10ad90f31d8cd6ea1efd6ecc12969ddbe73f\"\u003e\u003ccode\u003e195d10a\u003c/code\u003e\u003c/a\u003e Sync zizmor versions (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/94\"\u003e#94\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c65bc8876171b6d82748ec98b77c0193b1226b94\"\u003e\u003ccode\u003ec65bc88\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zizmorcore/zizmor-action/commit/c2c887f84674f9c15123e2905d2d307675d8bc01\"\u003e\u003ccode\u003ec2c887f\u003c/code\u003e\u003c/a\u003e chore(deps): bump zizmorcore/zizmor-action in the github-actions group (\u003ca href=\"https://redirect.github.com/zizmorcore/zizmor-action/issues/91\"\u003e#91\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/zizmorcore/zizmor-action/compare/0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d...b1d7e1fb5de872772f31590499237e7cce841e8e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/halostatue/pagefindex/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/halostatue%2Fpagefindex/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"1.20.4","new_version":"1.24.0","update_type":"minor","path":null,"pr_created_at":"2026-04-01T18:54:50.000Z","version_change":"1.20.4 → 1.24.0","issue":{"uuid":"4189178089","node_id":"PR_kwDODDeyRc7PWaBr","number":134,"state":"open","title":"Bump erlef/setup-beam from 1.20.4 to 1.24.0","user":"dependabot[bot]","labels":["x:size/small"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-01T18:54:50.000Z","updated_at":"2026-04-01T18:55:03.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.24.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.24.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.24.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Potentially breaking changes\u003c/h2\u003e\n\u003cp\u003eSince GitHub is phasing out Node 20 runners, the \u003ccode\u003eerlef/setup-beam\u003c/code\u003e action has updated its requirements ([see PR \u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e)). Please \u003cstrong\u003eensure your workflow files are updated\u003c/strong\u003e to align with the \u003ca href=\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003elatest GitHub Actions standards\u003c/a\u003e to avoid execution failures.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Node 24 runtime by \u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix error that occurs when parsing TOML files that use dotted keys by \u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomation\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/435\"\u003eerlef/setup-beam#435\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/436\"\u003eerlef/setup-beam#436\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/442\"\u003eerlef/setup-beam#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump eslint from 10.0.3 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/439\"\u003eerlef/setup-beam#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump yauzl from 3.2.0 to 3.2.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/437\"\u003eerlef/setup-beam#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump csv-parse from 6.1.0 to 6.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/440\"\u003eerlef/setup-beam#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/443\"\u003eerlef/setup-beam#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/445\"\u003eerlef/setup-beam#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/levibuzolic\"\u003e\u003ccode\u003e@​levibuzolic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/426\"\u003eerlef/setup-beam#426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitchellhenke\"\u003e\u003ccode\u003e@​mitchellhenke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/444\"\u003eerlef/setup-beam#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.24.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003e\u003ccode\u003efc68ffb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 190c3a5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/190c3a5e7b2d0a7e53ac2ae08f02a617c755b13d\"\u003e\u003ccode\u003e190c3a5\u003c/code\u003e\u003c/a\u003e Fix error that occurs when parsing TOML files that use dotted keys (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/92dab893ed9373c7c8b219be47f9e6ad3684507b\"\u003e\u003ccode\u003e92dab89\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 5dfda65\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/5dfda6550693b3e524212c8e8956489385351723\"\u003e\u003ccode\u003e5dfda65\u003c/code\u003e\u003c/a\u003e fix: address \u003ccode\u003ePrototype Pollution via parse() in NodeJS flatted\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/445\"\u003e#445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ef385d6edc40d082c376680340dc4581014fb5c3\"\u003e\u003ccode\u003eef385d6\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to bf3c3af\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf3c3af135ef07a5f34ef23377a9cbf2b2e1fab0\"\u003e\u003ccode\u003ebf3c3af\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/e7645e410255776e1f30cddea2b7842df4b842fb\"\u003e\u003ccode\u003ee7645e4\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to a36098e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/a36098e7415c702808cc414302b5a3fa2c83df52\"\u003e\u003ccode\u003ea36098e\u003c/code\u003e\u003c/a\u003e Bump csv-parse from 6.1.0 to 6.2.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/87781dc68a92d3ae823e02b5a7c030621fcc71a2\"\u003e\u003ccode\u003e87781dc\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to d5f3979\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/d5f3979a5f2803385ad71e7a9e178d31f89b8d2b\"\u003e\u003ccode\u003ed5f3979\u003c/code\u003e\u003c/a\u003e Support Node 24 runtime (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/426\"\u003e#426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...fc68ffb90438ef2936bbb3251622353b3dcb2f93\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.24.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/exercism/erlang-test-runner/pull/134","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/exercism%2Ferlang-test-runner/issues/134","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/134/packages"}},{"old_version":"1.20.4","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-23T01:14:15.000Z","version_change":"1.20.4 → 1.23.0","issue":{"uuid":"4117603270","node_id":"PR_kwDOOutWRM7Mi0e8","number":170,"state":"open","title":"build(deps): bump erlef/setup-beam from 1.20.4 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-23T01:14:15.000Z","updated_at":"2026-04-11T13:57:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/camatcode/aura/pull/170","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/camatcode%2Faura/issues/170","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/170/packages"}},{"old_version":"1.17.5","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-20T00:08:52.000Z","version_change":"1.17.5 → 1.23.0","issue":{"uuid":"4104914788","node_id":"PR_kwDOQyxBLM7MAMLk","number":4,"state":"open","title":"chore(deps): bump the actions group with 9 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-20T00:08:52.000Z","updated_at":"2026-03-20T00:08:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":9,"packages":[{"name":"actions/checkout","old_version":"4.1.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"haskell-actions/setup","old_version":"2.7.5","new_version":"2.10.3","repository_url":"https://github.com/haskell-actions/setup"},{"name":"actions/cache","old_version":"4.3.0","new_version":"5.0.4","repository_url":"https://github.com/actions/cache"},{"name":"actions/upload-pages-artifact","old_version":"3.0.1","new_version":"4.0.0","repository_url":"https://github.com/actions/upload-pages-artifact"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.17.5","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/github-script","old_version":"7.0.1","new_version":"8.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.92.5","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 9 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `6.0.2` |\n| [haskell-actions/setup](https://github.com/haskell-actions/setup) | `2.7.5` | `2.10.3` |\n| [actions/cache](https://github.com/actions/cache) | `4.3.0` | `5.0.4` |\n| [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `3.0.1` | `4.0.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` | `1.23.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.5` | `3.93.8` |\n\nUpdates `actions/checkout` from 4.1.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.1.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haskell-actions/setup` from 2.7.5 to 2.10.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haskell-actions/setup/releases\"\u003ehaskell-actions/setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.10.3\u003c/h2\u003e\n\u003cp\u003eAdd Stack 3.9.1\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Stack 3.9.1 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/138\"\u003ehaskell-actions/setup#138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.2\u003c/h2\u003e\n\u003cp\u003eRemove GHCup vanilla channel from defaults\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove GHCup vanilla channel from defaults by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/137\"\u003ehaskell-actions/setup#137\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.1\u003c/h2\u003e\n\u003cp\u003eMove all ghcup-add-channel commands into same group\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove broken GHC 9.12.3 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/133\"\u003ehaskell-actions/setup#133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.10.0...v2.10.1\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.10.0...v2.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.10.0\u003c/h2\u003e\n\u003cp\u003eUse GHCup vanilla and prereleases channels by default\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/128\"\u003ehaskell-actions/setup#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/haskell-actions/setup/issues/130\"\u003e#130\u003c/a\u003e: support GHCup on 32bit architecture by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/131\"\u003ehaskell-actions/setup#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0 by \u003ca href=\"https://github.com/andreasabel\"\u003e\u003ccode\u003e@​andreasabel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/haskell-actions/setup/pull/132\"\u003ehaskell-actions/setup#132\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/haskell-actions/setup/compare/v2.9.0...v2.10.0\"\u003ehttps://github.com/haskell-actions/setup/compare/v2.9.0...v2.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/f9150cb1d140e9a9271700670baa38991e6fa25c\"\u003e\u003ccode\u003ef9150cb\u003c/code\u003e\u003c/a\u003e Add Stack 3.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/dc63c94789664bb2910876ec3dfeeaa24d23b96b\"\u003e\u003ccode\u003edc63c94\u003c/code\u003e\u003c/a\u003e Remove GHCup vanilla channel from defaults\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/7786314267139caaaf743fbdb70341b116a8d25d\"\u003e\u003ccode\u003e7786314\u003c/code\u003e\u003c/a\u003e await addGhcupReleaseChannel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/57571745c639e06be44b0a6a5874b874eb8ba392\"\u003e\u003ccode\u003e5757174\u003c/code\u003e\u003c/a\u003e Move all ghcup-add-channel commands into same group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/ca45ec3f5855d88df81d141f6bbe87cf96aa7ede\"\u003e\u003ccode\u003eca45ec3\u003c/code\u003e\u003c/a\u003e Remove broken GHC 9.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/eb29c237a18b47554a426cb75d69844f689dc049\"\u003e\u003ccode\u003eeb29c23\u003c/code\u003e\u003c/a\u003e Use GHCup vanilla and prereleases channels by default\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/243ff44acce6b550747dcb4b9fa8a960b76e3fb0\"\u003e\u003ccode\u003e243ff44\u003c/code\u003e\u003c/a\u003e Add GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/0512451d82f3ca8c147db62e30464e7c4ca63d30\"\u003e\u003ccode\u003e0512451\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/haskell-actions/setup/issues/130\"\u003e#130\u003c/a\u003e: support GHCup on 32bit architecture (\u003ca href=\"https://redirect.github.com/haskell-actions/setup/issues/131\"\u003e#131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/45e56529521e0883281fb118e14ccc2553c7938c\"\u003e\u003ccode\u003e45e5652\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5 to 6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haskell-actions/setup/commit/0a703b53e0ecfe04a312712af19699c3d8a17c7a\"\u003e\u003ccode\u003e0a703b5\u003c/code\u003e\u003c/a\u003e Test: drop macos-13 (deprecated, does not support node 24)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haskell-actions/setup/compare/ec49483bfc012387b227434aba94f59a6ecd0900...f9150cb1d140e9a9271700670baa38991e6fa25c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 4.3.0 to 5.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release instructions and update maintainer docs by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1696\"\u003eactions/cache#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePotential fix for code scanning alert no. 52: Workflow does not contain permissions by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1697\"\u003eactions/cache#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow permissions and cleanup workflow names / formatting by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1699\"\u003eactions/cache#1699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update examples to use the latest version by \u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix proxy integration tests by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1701\"\u003eactions/cache#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix cache key in examples.md for bun.lock by \u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies \u0026amp; patch security vulnerabilities by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1738\"\u003eactions/cache#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/XZTDean\"\u003e\u003ccode\u003e@​XZTDean\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1690\"\u003eactions/cache#1690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/RyPeck\"\u003e\u003ccode\u003e@​RyPeck\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1722\"\u003eactions/cache#1722\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.4\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v5...v5.0.3\"\u003ehttps://github.com/actions/cache/compare/v5...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev.5.0.2\u003c/h2\u003e\n\u003ch1\u003ev5.0.2\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eWhen creating cache entries, 429s returned from the cache service will not be retried.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cstrong\u003e\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eIf you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch1\u003ev5.0.1\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/cache\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003eactions/cache#1685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v5.0.1 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1686\"\u003eactions/cache#1686\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev5.0.0\u003c/h1\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/b7e8d49f17405cc70c1c120101943203c98d3a4b\"\u003e\u003ccode\u003eb7e8d49\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1701\"\u003e#1701\u003c/a\u003e from actions/Link-/fix-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/984a21b1cb176a0936f4edafb42be88978f93ef1\"\u003e\u003ccode\u003e984a21b\u003c/code\u003e\u003c/a\u003e Add traffic sanity check step\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/acf2f1f76affe1ef80eee8e56dfddd3b3e5f0fba\"\u003e\u003ccode\u003eacf2f1f\u003c/code\u003e\u003c/a\u003e Fix resolution\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/95a07c51324af6001b4d6ab8dff29f4dfadc2531\"\u003e\u003ccode\u003e95a07c5\u003c/code\u003e\u003c/a\u003e Add wait for proxy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-pages-artifact` from 3.0.1 to 4.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-pages-artifact/releases\"\u003eactions/upload-pages-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePotentially breaking change: hidden files (specifically dotfiles) will not be included in the artifact by \u003ca href=\"https://github.com/tsusdere\"\u003e\u003ccode\u003e@​tsusdere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/102\"\u003eactions/upload-pages-artifact#102\u003c/a\u003e\nIf you need to include dotfiles in your artifact: instead of using this action, create your own artifact according to these requirements \u003ca href=\"https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\"\u003ehttps://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA by \u003ca href=\"https://github.com/heavymachinery\"\u003e\u003ccode\u003e@​heavymachinery\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/pull/127\"\u003eactions/upload-pages-artifact#127\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\"\u003ehttps://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/7b1f4a764d45c48632c6b24a0339c27f5614fb0b\"\u003e\u003ccode\u003e7b1f4a7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/127\"\u003e#127\u003c/a\u003e from heavymachinery/pin-sha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/4cc19c7d3f3e6c87c68366501382a03c8b1ba6db\"\u003e\u003ccode\u003e4cc19c7\u003c/code\u003e\u003c/a\u003e Pin \u003ccode\u003eactions/upload-artifact\u003c/code\u003e to SHA\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/2d163be3ddce01512f3eea7ac5b7023b5d643ce1\"\u003e\u003ccode\u003e2d163be\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/107\"\u003e#107\u003c/a\u003e from KittyChiu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/c70484322b1c476728dcd37fac23c4dea2a0c51a\"\u003e\u003ccode\u003ec704843\u003c/code\u003e\u003c/a\u003e fix: linted README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/9605915f1d2fc79418cdce4d5fbe80511c457655\"\u003e\u003ccode\u003e9605915\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/106\"\u003e#106\u003c/a\u003e from KittyChiu/kittychiu/update-readme-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/e59cdfe6d6b061aab8f0619e759cded914f3ab03\"\u003e\u003ccode\u003ee59cdfe\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/a2d67043267d885050434d297d3dd3a3a14fd899\"\u003e\u003ccode\u003ea2d6704\u003c/code\u003e\u003c/a\u003e doc: updated usage section in readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/984864e7b70fb5cb764344dc9c4b5c087662ef50\"\u003e\u003ccode\u003e984864e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/105\"\u003e#105\u003c/a\u003e from actions/Jcambass-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/45dc78884ca148c05eddcd8ac0a804d3365e9014\"\u003e\u003ccode\u003e45dc788\u003c/code\u003e\u003c/a\u003e Add workflow file for publishing releases to immutable action package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-pages-artifact/commit/efaad07812d4b9ad2e8667cd46426fdfb7c22e22\"\u003e\u003ccode\u003eefaad07\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-pages-artifact/issues/102\"\u003e#102\u003c/a\u003e from actions/hidden-files\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-pages-artifact/compare/56afc609e74202658d3ffba0e8f6dda462b719fa...7b1f4a764d45c48632c6b24a0339c27f5614fb0b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.31.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v3.27.0...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.17.5 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/docmatrix/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fdocmatrix/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"1.22.0","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-19T05:55:34.000Z","version_change":"1.22.0 → 1.23.0","issue":{"uuid":"4099501802","node_id":"PR_kwDOQmhcK87LwSF5","number":15,"state":"open","title":"chore(deps): bump the actions group with 3 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-19T05:55:34.000Z","updated_at":"2026-03-26T08:00:23.119Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":3,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action) and [erlef/setup-beam](https://github.com/erlef/setup-beam).\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/checky-monkey/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fchecky-monkey/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"1.22.0","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-19T04:25:52.000Z","version_change":"1.22.0 → 1.23.0","issue":{"uuid":"4099216472","node_id":"PR_kwDOQmhcv87LveqM","number":15,"state":"open","title":"chore(deps): Bump the actions group with 3 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-19T04:25:52.000Z","updated_at":"2026-03-19T04:25:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"actions","update_count":3,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action) and [erlef/setup-beam](https://github.com/erlef/setup-beam).\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/supernorma/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fsupernorma/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"1.17.5","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-18T21:28:00.000Z","version_change":"1.17.5 → 1.23.0","issue":{"uuid":"4097805601","node_id":"PR_kwDORjyzWc7Lq-dm","number":2,"state":"open","title":"chore(deps): bump the actions group with 11 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T21:28:00.000Z","updated_at":"2026-03-23T02:08:29.718Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":11,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"julia-actions/julia-buildpkg","old_version":"1.6.0","new_version":"1.7.0","repository_url":"https://github.com/julia-actions/julia-buildpkg"},{"name":"codecov/codecov-action","old_version":"5.5.2","new_version":"5.5.3","repository_url":"https://github.com/codecov/codecov-action"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.17.5","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/github-script","old_version":"7.0.1","new_version":"8.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.92.5","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"},{"name":"actions/download-artifact","old_version":"4.3.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"softprops/action-gh-release","old_version":"2.2.2","new_version":"2.6.1","repository_url":"https://github.com/softprops/action-gh-release"},{"name":"ossf/scorecard-action","old_version":"2.4.0","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 11 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [julia-actions/julia-buildpkg](https://github.com/julia-actions/julia-buildpkg) | `1.6.0` | `1.7.0` |\n| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `5.5.3` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` | `1.23.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.5` | `3.93.8` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` |\n| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.2.2` | `2.6.1` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` |\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `julia-actions/julia-buildpkg` from 1.6.0 to 1.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/julia-actions/julia-buildpkg/releases\"\u003ejulia-actions/julia-buildpkg's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link trailing dot by \u003ca href=\"https://github.com/inkydragon\"\u003e\u003ccode\u003e@​inkydragon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/51\"\u003ejulia-actions/julia-buildpkg#51\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInstall the default registries for version \u0026gt; 1.8 by \u003ca href=\"https://github.com/ven-k\"\u003e\u003ccode\u003e@​ven-k\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/55\"\u003ejulia-actions/julia-buildpkg#55\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther stuff\u003c/h2\u003e\n\u003ch4\u003eDependency changes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump actions/cache from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/50\"\u003ejulia-actions/julia-buildpkg#50\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump julia-actions/setup-julia from 1 to 2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/53\"\u003ejulia-actions/julia-buildpkg#53\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFull Changelog\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/julia-actions/julia-buildpkg/compare/v1...v1.7.0\"\u003ehttps://github.com/julia-actions/julia-buildpkg/compare/v1...v1.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inkydragon\"\u003e\u003ccode\u003e@​inkydragon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/51\"\u003ejulia-actions/julia-buildpkg#51\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ven-k\"\u003e\u003ccode\u003e@​ven-k\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/pull/55\"\u003ejulia-actions/julia-buildpkg#55\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/e3eb439fad4f9aba7da2667e7510e4a46ebc46e1\"\u003e\u003ccode\u003ee3eb439\u003c/code\u003e\u003c/a\u003e fix: install the default registries for version \u0026gt; 1.8 (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/55\"\u003e#55\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/d36834d83404fe14f893b16651c4b9bbd41f5122\"\u003e\u003ccode\u003ed36834d\u003c/code\u003e\u003c/a\u003e Bump julia-actions/setup-julia from 1 to 2 (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/53\"\u003e#53\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/98b1bc26398ab2bbad8356832f82ecb672bdac99\"\u003e\u003ccode\u003e98b1bc2\u003c/code\u003e\u003c/a\u003e Remove link trailing dot (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/51\"\u003e#51\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/julia-actions/julia-buildpkg/commit/cec9c38577547b8b499108bf9ce5ec617e547857\"\u003e\u003ccode\u003ecec9c38\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 3 to 4 (\u003ca href=\"https://redirect.github.com/julia-actions/julia-buildpkg/issues/50\"\u003e#50\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/julia-actions/julia-buildpkg/compare/90dd6f23eb49626e4e6612cb9d64d456f86e6a1c...e3eb439fad4f9aba7da2667e7510e4a46ebc46e1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `codecov/codecov-action` from 5.5.2 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump actions/github-script from 7.0.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1874\"\u003ecodecov/codecov-action#1874\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): bump to 5.5.3 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1922\"\u003ecodecov/codecov-action#1922\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003e\u003ccode\u003e1af5884\u003c/code\u003e\u003c/a\u003e chore(release): bump to 5.5.3 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1922\"\u003e#1922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/c143300dea6c9a730986ff862c5bf4d458927ef8\"\u003e\u003ccode\u003ec143300\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1874\"\u003e#1874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/671740ac38dd9b0130fbe1cec585b89eea48d3de...1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.31.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v3.27.0...v4.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.17.5 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 7.0.1 to 8.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version support to 24.x by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME for updating actions/github-script from v7 to v8 by \u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7.1.0...v8.0.0\"\u003ehttps://github.com/actions/github-script/compare/v7.1.0...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade husky to v9 by \u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade IA Publish by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/486\"\u003eactions/github-script#486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow status badges by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/497\"\u003eactions/github-script#497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate usage of \u003ccode\u003eactions/upload-artifact\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/512\"\u003eactions/github-script#512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear up package name confusion by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/514\"\u003eactions/github-script#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies with \u003ccode\u003enpm audit fix\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/515\"\u003eactions/github-script#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpecify that the used script is JavaScript by \u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for NPM and Actions by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/472\"\u003eactions/github-script#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefine \u003ccode\u003epermissions\u003c/code\u003e in workflows and update actions by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/531\"\u003eactions/github-script#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for .github/actions/install-dependencies by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/532\"\u003eactions/github-script#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove .vscode settings by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/533\"\u003eactions/github-script#533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use github/setup-licensed by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/473\"\u003eactions/github-script#473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by \u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eoctokit\u003c/code\u003e README updates for v7 by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/557\"\u003eactions/github-script#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add \u0026quot;exec\u0026quot; usage examples by \u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.213.0 to 1.222.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/563\"\u003eactions/github-script#563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.222.0 to 1.229.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/575\"\u003eactions/github-script#575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClearly document passing inputs to the \u003ccode\u003escript\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/603\"\u003eactions/github-script#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7...v7.1.0\"\u003ehttps://github.com/actions/github-script/compare/v7...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003e\u003ccode\u003eed59741\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/653\"\u003e#653\u003c/a\u003e from actions/sneha-krip/readme-for-v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3\"\u003e\u003ccode\u003e2dc352e\u003c/code\u003e\u003c/a\u003e Bold minimum Actions Runner version in README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1\"\u003e\u003ccode\u003e01e118c\u003c/code\u003e\u003c/a\u003e Update README for Node 24 runtime requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b\"\u003e\u003ccode\u003e8b222ac\u003c/code\u003e\u003c/a\u003e Apply suggestion from \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25\"\u003e\u003ccode\u003eadc0eea\u003c/code\u003e\u003c/a\u003e README for updating actions/github-script from v7 to v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425\"\u003e\u003ccode\u003e20fe497\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/637\"\u003e#637\u003c/a\u003e from actions/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164\"\u003e\u003ccode\u003ee7b7f22\u003c/code\u003e\u003c/a\u003e update licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b\"\u003e\u003ccode\u003e2c81ba0\u003c/code\u003e\u003c/a\u003e Update Node.js version support to 24.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b\"\u003e\u003ccode\u003ef28e40c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/610\"\u003e#610\u003c/a\u003e from actions/nebuk89-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3\"\u003e\u003ccode\u003e1ae9958\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `trufflesecurity/trufflehog` from 3.92.5 to 3.93.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trufflesecurity/trufflehog/releases\"\u003etrufflesecurity/trufflehog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.93.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: make LDAP verification context-aware by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4768\"\u003etrufflesecurity/trufflehog#4768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop growing filesystem resume data by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4797\"\u003etrufflesecurity/trufflehog#4797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[INS-331] Fix the issue causing the tests file system soruce tests to fail on windows by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4743\"\u003etrufflesecurity/trufflehog#4743\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThread original chunk data through engine pipeline by \u003ca href=\"https://github.com/dustin-decker\"\u003e\u003ccode\u003e@​dustin-decker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4780\"\u003etrufflesecurity/trufflehog#4780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded detector for JFrog Artifactory Reference Tokens by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4684\"\u003etrufflesecurity/trufflehog#4684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix JDBC detector regex truncating trailing non-alphanumeric password characters by \u003ca href=\"https://github.com/amanfcp\"\u003e\u003ccode\u003e@​amanfcp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4755\"\u003etrufflesecurity/trufflehog#4755\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH_TOKEN needed for gh by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4772\"\u003etrufflesecurity/trufflehog#4772\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove verify flag into \u003ccode\u003edetectableChunk\u003c/code\u003e by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4558\"\u003etrufflesecurity/trufflehog#4558\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workspace_id to Slack Continuous metadata by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4749\"\u003etrufflesecurity/trufflehog#4749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(release): Disable docker provenance feature by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4752\"\u003etrufflesecurity/trufflehog#4752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBase64 decoding depth assessment by \u003ca href=\"https://github.com/dxa4481\"\u003e\u003ccode\u003e@​dxa4481\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4744\"\u003etrufflesecurity/trufflehog#4744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-246] Add Google Gemini API key detector by \u003ca href=\"https://github.com/mustansir14\"\u003e\u003ccode\u003e@​mustansir14\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4649\"\u003etrufflesecurity/trufflehog#4649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor log package by \u003ca href=\"https://github.com/mcastorina\"\u003e\u003ccode\u003e@​mcastorina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4734\"\u003etrufflesecurity/trufflehog#4734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-309]updated google api version to v0.259.0 by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4736\"\u003etrufflesecurity/trufflehog#4736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ftp): set read deadline on connection to prevent indefinite hang by \u003ca href=\"https://github.com/dylanTruffle\"\u003e\u003ccode\u003e@​dylanTruffle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4759\"\u003etrufflesecurity/trufflehog#4759\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadded rotation on 403s access_refused, this detector considered them indeterminate failures by \u003ca href=\"https://github.com/jordanTunstill\"\u003e\u003ccode\u003e@​jordanTunstill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4740\"\u003etrufflesecurity/trufflehog#4740\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-283] Support following symlinks in filesystem source by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4742\"\u003etrufflesecurity/trufflehog#4742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos in comments in json-enumerator source by \u003ca href=\"https://github.com/bradlarsen\"\u003e\u003ccode\u003e@​bradlarsen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4764\"\u003etrufflesecurity/trufflehog#4764\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix race condition in release process by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4766\"\u003etrufflesecurity/trufflehog#4766\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.4...v3.93.5\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.4...v3.93.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a new NDJSON / JSONL input source by \u003ca href=\"https://github.com/bradlarsen\"\u003e\u003ccode\u003e@​bradlarsen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4721\"\u003etrufflesecurity/trufflehog#4721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in CODEOWNERS for pkg/analyzer by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4748\"\u003etrufflesecurity/trufflehog#4748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePre-allocate anthropic analyzer bindings slice capacity with zero length by \u003ca href=\"https://github.com/kashifkhan0771\"\u003e\u003ccode\u003e@​kashifkhan0771\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4746\"\u003etrufflesecurity/trufflehog#4746\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMade indeterminate error for JWT detector determinate by \u003ca href=\"https://github.com/jordanTunstill\"\u003e\u003ccode\u003e@​jordanTunstill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4745\"\u003etrufflesecurity/trufflehog#4745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimize the regex pattern in the artifactory access token detector by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4685\"\u003etrufflesecurity/trufflehog#4685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003e\u003ccode\u003e6c05c4a\u003c/code\u003e\u003c/a\u003e Stop growing filesystem resume data (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4797\"\u003e#4797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/ef63d66d58bb7317d9b220b02af5beae569835ee\"\u003e\u003ccode\u003eef63d66\u003c/code\u003e\u003c/a\u003e fix: make LDAP verification context-aware (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4768\"\u003e#4768\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/c3e599b7163e8198a55467f3133db0e7b2a492cb\"\u003e\u003ccode\u003ec3e599b\u003c/code\u003e\u003c/a\u003e fix JDBC detector regex truncating trailing non-alphanumeric password charact...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/71c48afda84ff44a58a04bf76e0520398ac21778\"\u003e\u003ccode\u003e71c48af\u003c/code\u003e\u003c/a\u003e Added detector for JFrog Artifactory Reference Tokens (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4684\"\u003e#4684\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/648aca62d5437454d477426fb20c29f402c06a4e\"\u003e\u003ccode\u003e648aca6\u003c/code\u003e\u003c/a\u003e Thread original chunk data through engine pipeline (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4780\"\u003e#4780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/8df943f8298b6d3e45e6f01cc8f404efff8c109d\"\u003e\u003ccode\u003e8df943f\u003c/code\u003e\u003c/a\u003e [INS-331] Fix the issue causing the tests file system soruce tests to fail on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/041f07e9df901a1038a528e5525b0226d04dd5ea\"\u003e\u003ccode\u003e041f07e\u003c/code\u003e\u003c/a\u003e Move verify flag into \u003ccode\u003edetectableChunk\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4558\"\u003e#4558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/e9766030579a154b66f27fcaf0ca92e5a61426cf\"\u003e\u003ccode\u003ee976603\u003c/code\u003e\u003c/a\u003e GH_TOKEN needed for gh (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4772\"\u003e#4772\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/7cdc7ef878439f74842c00422c65ab864ed83125\"\u003e\u003ccode\u003e7cdc7ef\u003c/code\u003e\u003c/a\u003e Fix race condition in release process (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4766\"\u003e#4766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/4f1d07f7c3bbc209ce0608d6b611e8a6031cc778\"\u003e\u003ccode\u003e4f1d07f\u003c/code\u003e\u003c/a\u003e Fix typos in comments in json-enumerator source (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4764\"\u003e#4764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.92.5...6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/download-artifact` from 4.3.0 to 8.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for CJK characters in the artifact name by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/471\"\u003eactions/download-artifact#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a regression test for artifact name + content-type mismatches by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/472\"\u003eactions/download-artifact#472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v8...v8.0.1\"\u003ehttps://github.com/actions/download-artifact/compare/v8...v8.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003ev8 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/download-artifact@v8 has been migrated to an ESM module. This should be transparent to the caller but forks might need to make significant changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nHash mismatches will now error by default. Users can override this behavior with a setting change (see below).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eDirect downloads\u003c/h3\u003e\n\u003cp\u003eTo support direct uploads in \u003ccode\u003eactions/upload-artifact\u003c/code\u003e, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the \u003ccode\u003eContent-Type\u003c/code\u003e header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new \u003ccode\u003eskip-decompress\u003c/code\u003e parameter to \u003ccode\u003etrue\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eEnforced checks (breaking)\u003c/h3\u003e\n\u003cp\u003eA previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the \u003ccode\u003edigest-mismatch\u003c/code\u003e parameter. To be secure by default, we are now defaulting the behavior to \u003ccode\u003eerror\u003c/code\u003e which will fail the w...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/Causals.jl/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2FCausals.jl/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.17.5","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-18T21:21:05.000Z","version_change":"1.17.5 → 1.23.0","issue":{"uuid":"4097779125","node_id":"PR_kwDORjyz_M7Lq5Gh","number":2,"state":"open","title":"chore(deps): bump the actions group with 9 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T21:21:05.000Z","updated_at":"2026-03-25T23:25:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":9,"packages":[{"name":"actions/checkout","old_version":"4.1.1","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.31.10","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.17.5","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"actions/github-script","old_version":"7.0.1","new_version":"8.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.92.5","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"},{"name":"julia-actions/cache","old_version":"e8472695fb3c2028b1118dc399c8440ff497d409","new_version":"b56ac815fc0bb3999501ca86291fa3d875c622ee","repository_url":"https://github.com/julia-actions/cache"},{"name":"actions/download-artifact","old_version":"4.3.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"softprops/action-gh-release","old_version":"2.2.2","new_version":"2.6.1","repository_url":"https://github.com/softprops/action-gh-release"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 9 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `6.0.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.31.10` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` | `1.23.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.5` | `3.93.8` |\n| [julia-actions/cache](https://github.com/julia-actions/cache) | `e8472695fb3c2028b1118dc399c8440ff497d409` | `b56ac815fc0bb3999501ca86291fa3d875c622ee` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` |\n| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.2.2` | `2.6.1` |\n\nUpdates `actions/checkout` from 4.1.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4.1.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.31.10 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.31.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/v4.31.10...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.17.5 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 7.0.1 to 8.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version support to 24.x by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME for updating actions/github-script from v7 to v8 by \u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7.1.0...v8.0.0\"\u003ehttps://github.com/actions/github-script/compare/v7.1.0...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade husky to v9 by \u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade IA Publish by \u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/486\"\u003eactions/github-script#486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow status badges by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/497\"\u003eactions/github-script#497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate usage of \u003ccode\u003eactions/upload-artifact\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/512\"\u003eactions/github-script#512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear up package name confusion by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/514\"\u003eactions/github-script#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies with \u003ccode\u003enpm audit fix\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/515\"\u003eactions/github-script#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpecify that the used script is JavaScript by \u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for NPM and Actions by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/472\"\u003eactions/github-script#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefine \u003ccode\u003epermissions\u003c/code\u003e in workflows and update actions by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/531\"\u003eactions/github-script#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for .github/actions/install-dependencies by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/532\"\u003eactions/github-script#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove .vscode settings by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/533\"\u003eactions/github-script#533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use github/setup-licensed by \u003ca href=\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/473\"\u003eactions/github-script#473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by \u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eoctokit\u003c/code\u003e README updates for v7 by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/557\"\u003eactions/github-script#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add \u0026quot;exec\u0026quot; usage examples by \u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.213.0 to 1.222.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/563\"\u003eactions/github-script#563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.222.0 to 1.229.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/575\"\u003eactions/github-script#575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClearly document passing inputs to the \u003ccode\u003escript\u003c/code\u003e by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/603\"\u003eactions/github-script#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7...v7.1.0\"\u003ehttps://github.com/actions/github-script/compare/v7...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003e\u003ccode\u003eed59741\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/653\"\u003e#653\u003c/a\u003e from actions/sneha-krip/readme-for-v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3\"\u003e\u003ccode\u003e2dc352e\u003c/code\u003e\u003c/a\u003e Bold minimum Actions Runner version in README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1\"\u003e\u003ccode\u003e01e118c\u003c/code\u003e\u003c/a\u003e Update README for Node 24 runtime requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b\"\u003e\u003ccode\u003e8b222ac\u003c/code\u003e\u003c/a\u003e Apply suggestion from \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25\"\u003e\u003ccode\u003eadc0eea\u003c/code\u003e\u003c/a\u003e README for updating actions/github-script from v7 to v8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425\"\u003e\u003ccode\u003e20fe497\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/637\"\u003e#637\u003c/a\u003e from actions/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164\"\u003e\u003ccode\u003ee7b7f22\u003c/code\u003e\u003c/a\u003e update licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b\"\u003e\u003ccode\u003e2c81ba0\u003c/code\u003e\u003c/a\u003e Update Node.js version support to 24.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b\"\u003e\u003ccode\u003ef28e40c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/610\"\u003e#610\u003c/a\u003e from actions/nebuk89-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3\"\u003e\u003ccode\u003e1ae9958\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `trufflesecurity/trufflehog` from 3.92.5 to 3.93.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trufflesecurity/trufflehog/releases\"\u003etrufflesecurity/trufflehog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.93.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: make LDAP verification context-aware by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4768\"\u003etrufflesecurity/trufflehog#4768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop growing filesystem resume data by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4797\"\u003etrufflesecurity/trufflehog#4797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[INS-331] Fix the issue causing the tests file system soruce tests to fail on windows by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4743\"\u003etrufflesecurity/trufflehog#4743\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThread original chunk data through engine pipeline by \u003ca href=\"https://github.com/dustin-decker\"\u003e\u003ccode\u003e@​dustin-decker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4780\"\u003etrufflesecurity/trufflehog#4780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded detector for JFrog Artifactory Reference Tokens by \u003ca href=\"https://github.com/shahzadhaider1\"\u003e\u003ccode\u003e@​shahzadhaider1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4684\"\u003etrufflesecurity/trufflehog#4684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix JDBC detector regex truncating trailing non-alphanumeric password characters by \u003ca href=\"https://github.com/amanfcp\"\u003e\u003ccode\u003e@​amanfcp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4755\"\u003etrufflesecurity/trufflehog#4755\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.6...v3.93.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH_TOKEN needed for gh by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4772\"\u003etrufflesecurity/trufflehog#4772\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove verify flag into \u003ccode\u003edetectableChunk\u003c/code\u003e by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4558\"\u003etrufflesecurity/trufflehog#4558\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.93.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workspace_id to Slack Continuous metadata by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4749\"\u003etrufflesecurity/trufflehog#4749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(release): Disable docker provenance feature by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4752\"\u003etrufflesecurity/trufflehog#4752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBase64 decoding depth assessment by \u003ca href=\"https://github.com/dxa4481\"\u003e\u003ccode\u003e@​dxa4481\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4744\"\u003etrufflesecurity/trufflehog#4744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-246] Add Google Gemini API key detector by \u003ca href=\"https://github.com/mustansir14\"\u003e\u003ccode\u003e@​mustansir14\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4649\"\u003etrufflesecurity/trufflehog#4649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor log package by \u003ca href=\"https://github.com/mcastorina\"\u003e\u003ccode\u003e@​mcastorina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4734\"\u003etrufflesecurity/trufflehog#4734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-309]updated google api version to v0.259.0 by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4736\"\u003etrufflesecurity/trufflehog#4736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ftp): set read deadline on connection to prevent indefinite hang by \u003ca href=\"https://github.com/dylanTruffle\"\u003e\u003ccode\u003e@​dylanTruffle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4759\"\u003etrufflesecurity/trufflehog#4759\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadded rotation on 403s access_refused, this detector considered them indeterminate failures by \u003ca href=\"https://github.com/jordanTunstill\"\u003e\u003ccode\u003e@​jordanTunstill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4740\"\u003etrufflesecurity/trufflehog#4740\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[INS-283] Support following symlinks in filesystem source by \u003ca href=\"https://github.com/MuneebUllahKhan222\"\u003e\u003ccode\u003e@​MuneebUllahKhan222\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4742\"\u003etrufflesecurity/trufflehog#4742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos in comments in json-enumerator source by \u003ca href=\"https://github.com/bradlarsen\"\u003e\u003ccode\u003e@​bradlarsen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4764\"\u003etrufflesecurity/trufflehog#4764\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix race condition in release process by \u003ca href=\"https://github.com/bill-rich\"\u003e\u003ccode\u003e@​bill-rich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4766\"\u003etrufflesecurity/trufflehog#4766\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.4...v3.93.5\"\u003ehttps:/...\n\n_Description has been truncated_","html_url":"https://github.com/hyperpolymath/Exnovation.jl/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2FExnovation.jl/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.22.0","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-18T20:02:34.000Z","version_change":"1.22.0 → 1.23.0","issue":{"uuid":"4097426138","node_id":"PR_kwDOQiHbVM7LpvSC","number":27,"state":"open","title":"chore(deps): bump the actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T20:02:34.000Z","updated_at":"2026-04-01T12:23:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":6,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"Swatinem/rust-cache","old_version":"2.8.2","new_version":"2.9.1","repository_url":"https://github.com/swatinem/rust-cache"},{"name":"codecov/codecov-action","old_version":"5.5.2","new_version":"5.5.3","repository_url":"https://github.com/codecov/codecov-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.33.0` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.22.0` | `1.23.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n| [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) | `2.8.2` | `2.9.1` |\n| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `5.5.3` |\n\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `Swatinem/rust-cache` from 2.8.2 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swatinem/rust-cache/releases\"\u003eSwatinem/rust-cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.1\u003c/h2\u003e\n\u003cp\u003eFix regression in hash calculation\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Swatinem/rust-cache/compare/v2.9.0...v2.9.1\"\u003ehttps://github.com/Swatinem/rust-cache/compare/v2.9.0...v2.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.9.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for running rust-cache commands from within a Nix shell by \u003ca href=\"https://github.com/marc0246\"\u003e\u003ccode\u003e@​marc0246\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/290\"\u003eSwatinem/rust-cache#290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump taiki-e/install-action from 2.62.57 to 2.62.60 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/291\"\u003eSwatinem/rust-cache#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the actions group across 1 directory with 5 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/296\"\u003eSwatinem/rust-cache#296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the prd-major group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/294\"\u003eSwatinem/rust-cache#294\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.1 to 25.0.2 in the dev-major group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/295\"\u003eSwatinem/rust-cache#295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsider all installed toolchains in cache key by \u003ca href=\"https://github.com/tamird\"\u003e\u003ccode\u003e@​tamird\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/293\"\u003eSwatinem/rust-cache#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCompare case-insenitively for full cache key match by \u003ca href=\"https://github.com/kbriggs\"\u003e\u003ccode\u003e@​kbriggs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/303\"\u003eSwatinem/rust-cache#303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate to \u003ccode\u003enode24\u003c/code\u003e runner by \u003ca href=\"https://github.com/rhysd\"\u003e\u003ccode\u003e@​rhysd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/314\"\u003eSwatinem/rust-cache#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the actions group across 1 directory with 7 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/312\"\u003eSwatinem/rust-cache#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the prd-minor group across 1 directory with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/307\"\u003eSwatinem/rust-cache#307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.2 to 25.2.2 in the dev-minor group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/309\"\u003eSwatinem/rust-cache#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marc0246\"\u003e\u003ccode\u003e@​marc0246\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/290\"\u003eSwatinem/rust-cache#290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tamird\"\u003e\u003ccode\u003e@​tamird\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/293\"\u003eSwatinem/rust-cache#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kbriggs\"\u003e\u003ccode\u003e@​kbriggs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Swatinem/rust-cache/pull/303\"\u003eSwatinem/rust-cache#303\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Swatinem/rust-cache/compare/v2.8.2...v2.9.0\"\u003ehttps://github.com/Swatinem/rust-cache/compare/v2.8.2...v2.9.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md\"\u003eSwatinem/rust-cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e2.9.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression in hash calculation\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ccode\u003enode24\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSupport running from within a \u003ccode\u003enix\u003c/code\u003e shell\u003c/li\u003e\n\u003cli\u003eConsider all installed toolchains for cache key\u003c/li\u003e\n\u003cli\u003eUse case-insensitive comparison to determine exact cache hit\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDon't overwrite env for cargo-metadata call\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSet empty \u003ccode\u003eCARGO_ENCODED_RUSTFLAGS\u003c/code\u003e when retrieving metadata\u003c/li\u003e\n\u003cli\u003eVarious dependency updates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003ewarpbuild\u003c/code\u003e cache provider\u003c/li\u003e\n\u003cli\u003eAdd new \u003ccode\u003ecache-workspace-crates\u003c/code\u003e feature\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude CPU arch in the cache key\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAlso cache \u003ccode\u003ecargo install\u003c/code\u003e metadata\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAllow opting out of caching $CARGO_HOME/bin\u003c/li\u003e\n\u003cli\u003eAdd runner OS in cache key\u003c/li\u003e\n\u003cli\u003eAdds an option to do lookup-only of the cache\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Cargo.lock format cargo-lock v4\u003c/li\u003e\n\u003cli\u003eOnly run macOsWorkaround() on macOS\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWork around upstream problem that causes cache saving to hang for minutes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/c19371144df3bb44fab255c43d04cbc2ab54d1c4\"\u003e\u003ccode\u003ec193711\u003c/code\u003e\u003c/a\u003e 2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/781e8d91ab29deb65464798965e49853f963b561\"\u003e\u003ccode\u003e781e8d9\u003c/code\u003e\u003c/a\u003e try reverting pipeline change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/3d1fa4654a5786f5537b1d31acd0f35e56de9924\"\u003e\u003ccode\u003e3d1fa46\u003c/code\u003e\u003c/a\u003e add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/c676846f29d98ff6b0106d3608c7ffd4048af17b\"\u003e\u003ccode\u003ec676846\u003c/code\u003e\u003c/a\u003e 2.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/bf71d02c11df9d5253618f39943e9dd59f7fd5a9\"\u003e\u003ccode\u003ebf71d02\u003c/code\u003e\u003c/a\u003e bump dependencies and rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/8a02ed5e290d8afc7e587930243f3016b3223f50\"\u003e\u003ccode\u003e8a02ed5\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.2 to 25.2.2 in the dev-minor group (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/390157d4874246aff722dd7f77e641fcae197678\"\u003e\u003ccode\u003e390157d\u003c/code\u003e\u003c/a\u003e Bump the prd-minor group across 1 directory with 2 updates (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/68500c182e89a3f56d9b1de095d7e62f0ea5b8bf\"\u003e\u003ccode\u003e68500c1\u003c/code\u003e\u003c/a\u003e Bump the actions group across 1 directory with 7 updates (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/1a8384176d7ed15c323a201c65073983cdb5a5be\"\u003e\u003ccode\u003e1a83841\u003c/code\u003e\u003c/a\u003e Migrate to \u003ccode\u003enode24\u003c/code\u003e runner (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Swatinem/rust-cache/commit/11da8522bc3856a8fbc565f1d1530989c793d67d\"\u003e\u003ccode\u003e11da852\u003c/code\u003e\u003c/a\u003e Compare case-insenitively for full cache key match (\u003ca href=\"https://redirect.github.com/swatinem/rust-cache/issues/303\"\u003e#303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swatinem/rust-cache/compare/779680da715d629ac1d338a641029a2f4372abb5...c19371144df3bb44fab255c43d04cbc2ab54d1c4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `codecov/codecov-action` from 5.5.2 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump actions/github-script from 7.0.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1874\"\u003ecodecov/codecov-action#1874\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): bump to 5.5.3 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1922\"\u003ecodecov/codecov-action#1922\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003e\u003ccode\u003e1af5884\u003c/code\u003e\u003c/a\u003e chore(release): bump to 5.5.3 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1922\"\u003e#1922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/c143300dea6c9a730986ff862c5bf4d458927ef8\"\u003e\u003ccode\u003ec143300\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1874\"\u003e#1874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/671740ac38dd9b0130fbe1cec585b89eea48d3de...1af58845a975a7985b0beb0cbe6fbbb71a41dbad\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/neurophone/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fneurophone/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"}},{"old_version":"1.22.0","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-18T00:56:25.000Z","version_change":"1.22.0 → 1.23.0","issue":{"uuid":"4092025472","node_id":"PR_kwDOQhmAJs7LY6Qj","number":17,"state":"open","title":"chore(deps): bump the actions group with 5 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-18T00:56:25.000Z","updated_at":"2026-04-01T01:05:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":5,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"4.32.6","new_version":"4.33.0","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/download-artifact","old_version":"8.0.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.33.0` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` |\n| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.22.0` | `1.23.0` |\n| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.1` | `0.10.0` |\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.32.6 to 4.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.6 - 05 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.5 - 02 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change so that when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3515\"\u003e#3515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3516\"\u003e#3516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which lowers the minimum disk space requirement for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3498\"\u003e#3498\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which allows the \u003ccode\u003estart-proxy\u003c/code\u003e action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3512\"\u003e#3512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3503\"\u003e#3503\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3504\"\u003e#3504\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.4 - 20 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2\"\u003e2.24.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3493\"\u003e#3493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3473\"\u003e#3473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the CodeQL Action is run \u003ca href=\"https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup\"\u003ewith debugging enabled in Default Setup\u003c/a\u003e and \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries are configured\u003c/a\u003e, the \u0026quot;Setup proxy for registries\u0026quot; step will output additional diagnostic information that can be used for troubleshooting. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3486\"\u003e#3486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3485\"\u003e#3485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded a setting which enables GitHub-managed workflows, such as Default Setup, to use a \u003ca href=\"https://github.com/dsp-testing/codeql-cli-nightlies\"\u003enightly CodeQL CLI release\u003c/a\u003e instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003e\u003ccode\u003eb1bff81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3574\"\u003e#3574\u003c/a\u003e from github/update-v4.32.7-7dd76e6bf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798\"\u003e\u003ccode\u003ee682234\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405\"\u003e\u003ccode\u003e95be291\u003c/code\u003e\u003c/a\u003e Bump minor version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb\"\u003e\u003ccode\u003e59bcb60\u003c/code\u003e\u003c/a\u003e Update changelog for v4.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816\"\u003e\u003ccode\u003e7dd76e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3572\"\u003e#3572\u003c/a\u003e from github/mbg/pr-checks/eslint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643\"\u003e\u003ccode\u003ee3200e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3563\"\u003e#3563\u003c/a\u003e from github/mbg/private-registry/oidc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f\"\u003e\u003ccode\u003e4c356c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3570\"\u003e#3570\u003c/a\u003e from github/mbg/repo-props/warn-on-unexpected-props\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3\"\u003e\u003ccode\u003eb4937c1\u003c/code\u003e\u003c/a\u003e Only emit one message with accumulated property names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da\"\u003e\u003ccode\u003e136b8ab\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003ecache-dependency-path\u003c/code\u003e options as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd\"\u003e\u003ccode\u003ea5aba59\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e that's no longer needed\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/download-artifact` from 8.0.0 to 8.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for CJK characters in the artifact name by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/471\"\u003eactions/download-artifact#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a regression test for artifact name + content-type mismatches by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/472\"\u003eactions/download-artifact#472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v8...v8.0.1\"\u003ehttps://github.com/actions/download-artifact/compare/v8...v8.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003e\u003ccode\u003e3e5f45b\u003c/code\u003e\u003c/a\u003e Add regression tests for CJK characters (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/e6d03f67377d4412c7aa56a8e2e4988e6ec479dd\"\u003e\u003ccode\u003ee6d03f6\u003c/code\u003e\u003c/a\u003e Add a regression test for artifact name + content-type mismatches (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/472\"\u003e#472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/actions/download-artifact/compare/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erlef/setup-beam` from 1.22.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/fireflag/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Ffireflag/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":"1.22.0","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-16T21:24:03.000Z","version_change":"1.22.0 → 1.23.0","issue":{"uuid":"4084858024","node_id":"PR_kwDOQqj8l87LCuoP","number":81,"state":"open","title":"chore(deps): bump erlef/setup-beam from 1.22.0 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-16T21:24:03.000Z","updated_at":"2026-03-16T21:24:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.22.0 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.22.0\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/hypatia/pull/81","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fhypatia/issues/81","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/81/packages"}},{"old_version":"1.22.0","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-16T13:16:52.000Z","version_change":"1.22.0 → 1.23.0","issue":{"uuid":"4082434541","node_id":"PR_kwDOQwL5ec7K63aL","number":36,"state":"open","title":"chore(deps): bump erlef/setup-beam from 1.22.0 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-16T13:16:52.000Z","updated_at":"2026-03-16T13:16:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.22.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.22.0 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/9d5b75ddfda22fb979d2270283237aef8aa68d6b...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.22.0\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/ipfs-overlay/pull/36","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fipfs-overlay/issues/36","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/36/packages"}},{"old_version":"1.20.4","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-16T03:37:06.000Z","version_change":"1.20.4 → 1.23.0","issue":{"uuid":"4080026643","node_id":"PR_kwDOPttR4c7KzCH0","number":69,"state":"closed","title":"build(deps): bump erlef/setup-beam from 1.20.4 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-06T03:37:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-16T03:37:06.000Z","updated_at":"2026-04-06T03:37:13.000Z","time_to_close":1814405,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Brickell-Research/caffeine_lang/pull/69","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Brickell-Research%2Fcaffeine_lang/issues/69","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/69/packages"}},{"old_version":"1.20.4","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-16T02:55:29.000Z","version_change":"1.20.4 → 1.23.0","issue":{"uuid":"4079926263","node_id":"PR_kwDOLkdYl87Kyuab","number":53,"state":"closed","title":"Bump erlef/setup-beam from 1.20.4 to 1.23.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T02:54:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-16T02:55:29.000Z","updated_at":"2026-03-31T02:54:19.000Z","time_to_close":1295928,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"erlef/setup-beam","old_version":"1.20.4","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.20.4 to 1.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/e6d7c94229049569db56a7ad5a540c051a010af9...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.20.4\u0026new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/kzemek/es6_maps/pull/53","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kzemek%2Fes6_maps/issues/53","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/53/packages"}},{"old_version":"1.21.0","new_version":"1.23.0","update_type":"minor","path":null,"pr_created_at":"2026-03-15T00:23:40.000Z","version_change":"1.21.0 → 1.23.0","issue":{"uuid":"4077165751","node_id":"PR_kwDOQbHBX87Kqp1p","number":15,"state":"open","title":"chore(deps): bump the actions group with 3 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-15T00:23:40.000Z","updated_at":"2026-03-15T00:23:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions","update_count":3,"packages":[{"name":"erlef/setup-beam","old_version":"1.21.0","new_version":"1.23.0","repository_url":"https://github.com/erlef/setup-beam"},{"name":"webfactory/ssh-agent","old_version":"0.9.1","new_version":"0.10.0","repository_url":"https://github.com/webfactory/ssh-agent"},{"name":"trufflesecurity/trufflehog","old_version":"3.93.7","new_version":"3.93.8","repository_url":"https://github.com/trufflesecurity/trufflehog"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 3 updates: [erlef/setup-beam](https://github.com/erlef/setup-beam), [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog).\n\nUpdates `erlef/setup-beam` from 1.21.0 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add macOS-26 to supported ImageOS mappings by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/430\"\u003eerlef/setup-beam#430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add Erlang problem matchers by \u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use dynamic import in tests to prevent ESM hoisting race by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: download correct Gleam binary for macOS and Linux ARM64 by \u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/428\"\u003eerlef/setup-beam#428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun ARM-specific tests consistently by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/434\"\u003eerlef/setup-beam#434\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCompatibility matrix strategy by \u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/425\"\u003eerlef/setup-beam#425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/432\"\u003eerlef/setup-beam#432\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petermm\"\u003e\u003ccode\u003e@​petermm\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/429\"\u003eerlef/setup-beam#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Taure\"\u003e\u003ccode\u003e@​Taure\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/433\"\u003eerlef/setup-beam#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastiw\"\u003e\u003ccode\u003e@​sebastiw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/389\"\u003eerlef/setup-beam#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1...v1.23.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003e\u003ccode\u003eee09b1e\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f8b54b5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f8b54b559e6123caaab7f1aa113f60a5fad786e6\"\u003e\u003ccode\u003ef8b54b5\u003c/code\u003e\u003c/a\u003e Run ARM-specific tests consistently (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/434\"\u003e#434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/bf1ce7403467d283c9c2f605633ef849ed3781c8\"\u003e\u003ccode\u003ebf1ce74\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 559a930\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/559a93075107e8996bed015071364d5b82de6c9a\"\u003e\u003ccode\u003e559a930\u003c/code\u003e\u003c/a\u003e Bump undici from 6.23.0 to 6.24.0 in the npm_and_yarn group across 1 director...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/1380ebe712baba142b98b84cf8d62c5235dfafc3\"\u003e\u003ccode\u003e1380ebe\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 0a54959\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0a549596b00a62e47fdaf801584216a26b1831e8\"\u003e\u003ccode\u003e0a54959\u003c/code\u003e\u003c/a\u003e Compatibility matrix strategy (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/3a3c94fd9e9380e45cecff3ab9f5b6b9e0d2f6da\"\u003e\u003ccode\u003e3a3c94f\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to cfafb69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/cfafb69dddf4265d6e7aa5232514b85b3f829076\"\u003e\u003ccode\u003ecfafb69\u003c/code\u003e\u003c/a\u003e feat: add Erlang problem matchers (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/433\"\u003e#433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/b3cbb6afbf19923100205a2cc9ac78dbc5d87113\"\u003e\u003ccode\u003eb3cbb6a\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 2abe6cd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/2abe6cda7aebef61794fefb3fb28ad5bab8bb158\"\u003e\u003ccode\u003e2abe6cd\u003c/code\u003e\u003c/a\u003e fix: download correct Gleam binary for macOS and Linux ARM64 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4...ee09b1e59bb240681c382eb1f0abc6a04af72764\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webfactory/ssh-agent` from 0.9.1 to 0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webfactory/ssh-agent/releases\"\u003ewebfactory/ssh-agent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0: Upgrade to node-24\u003c/h2\u003e\n\u003cp\u003eThis release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse node24 by \u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jimmymcpeter\"\u003e\u003ccode\u003e@​jimmymcpeter\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/pull/243\"\u003ewebfactory/ssh-agent#243\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\"\u003ehttps://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555\"\u003e\u003ccode\u003ee838748\u003c/code\u003e\u003c/a\u003e use node24 (\u003ca href=\"https://redirect.github.com/webfactory/ssh-agent/issues/243\"\u003e#243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `trufflesecurity/trufflehog` from 3.93.7 to 3.93.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trufflesecurity/trufflehog/releases\"\u003etrufflesecurity/trufflehog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.93.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: make LDAP verification context-aware by \u003ca href=\"https://github.com/mariduv\"\u003e\u003ccode\u003e@​mariduv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4768\"\u003etrufflesecurity/trufflehog#4768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop growing filesystem resume data by \u003ca href=\"https://github.com/rosecodym\"\u003e\u003ccode\u003e@​rosecodym\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/pull/4797\"\u003etrufflesecurity/trufflehog#4797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\"\u003ehttps://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003e\u003ccode\u003e6c05c4a\u003c/code\u003e\u003c/a\u003e Stop growing filesystem resume data (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4797\"\u003e#4797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trufflesecurity/trufflehog/commit/ef63d66d58bb7317d9b220b02af5beae569835ee\"\u003e\u003ccode\u003eef63d66\u003c/code\u003e\u003c/a\u003e fix: make LDAP verification context-aware (\u003ca href=\"https://redirect.github.com/trufflesecurity/trufflehog/issues/4768\"\u003e#4768\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/trufflesecurity/trufflehog/compare/c3e599b7163e8198a55467f3133db0e7b2a492cb...6c05c4a00b91aa542267d8e32a8254774799d68d\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/hyperpolymath/civic-connect/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperpolymath%2Fcivic-connect/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"1.21.0","new_version":"1.22.0","update_type":"minor","path":null,"pr_created_at":"2026-03-11T02:08:44.000Z","version_change":"1.21.0 → 1.22.0","issue":{"uuid":"4055242666","node_id":"PR_kwDORenSms7JjuGJ","number":9,"state":"closed","title":"chore(deps): bump erlef/setup-beam from 1.21.0 to 1.22.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-18T02:07:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-11T02:08:44.000Z","updated_at":"2026-03-18T02:07:38.000Z","time_to_close":604732,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"erlef/setup-beam","old_version":"1.21.0","new_version":"1.22.0","repository_url":"https://github.com/erlef/setup-beam"}],"path":null,"ecosystem":"actions"},"body":"Bumps [erlef/setup-beam](https://github.com/erlef/setup-beam) from 1.21.0 to 1.22.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/erlef/setup-beam/releases\"\u003eerlef/setup-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003emise.toml\u003c/code\u003e as \u003ccode\u003eversion-file\u003c/code\u003e (input) by \u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependabot updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/419\"\u003eerlef/setup-beam#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/exec\u003c/code\u003e from 1.1.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/405\"\u003eerlef/setup-beam#405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.2 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/407\"\u003eerlef/setup-beam#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​eslint/js\u003c/code\u003e from 9.38.0 to 10.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/404\"\u003eerlef/setup-beam#404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/409\"\u003eerlef/setup-beam#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 6.2.0 to 6.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/423\"\u003eerlef/setup-beam#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 10.0.1 to 10.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/420\"\u003eerlef/setup-beam#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint-plugin-yml from 1.18.0 to 3.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/418\"\u003eerlef/setup-beam#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump globals from 17.3.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/421\"\u003eerlef/setup-beam#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump markdownlint-cli from 0.47.0 to 0.48.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/422\"\u003eerlef/setup-beam#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump prettier from 3.6.2 to 3.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/408\"\u003eerlef/setup-beam#408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.0 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/410\"\u003eerlef/setup-beam#410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump raven-actions/actionlint from 2.1.1 to 2.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/424\"\u003eerlef/setup-beam#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump semver from 7.7.2 to 7.7.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/406\"\u003eerlef/setup-beam#406\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eLicense updates\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for license update automation by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/412\"\u003eerlef/setup-beam#412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/413\"\u003eerlef/setup-beam#413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/414\"\u003eerlef/setup-beam#414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/416\"\u003eerlef/setup-beam#416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses (automation) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/417\"\u003eerlef/setup-beam#417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate 3rd party licenses by \u003ca href=\"https://github.com/paulo-ferraz-oliveira\"\u003e\u003ccode\u003e@​paulo-ferraz-oliveira\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/411\"\u003eerlef/setup-beam#411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dinokovac-river\"\u003e\u003ccode\u003e@​dinokovac-river\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/erlef/setup-beam/pull/415\"\u003eerlef/setup-beam#415\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/erlef/setup-beam/compare/v1.21.0...v1.22.0\"\u003ehttps://github.com/erlef/setup-beam/compare/v1.21.0...v1.22.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/9d5b75ddfda22fb979d2270283237aef8aa68d6b\"\u003e\u003ccode\u003e9d5b75d\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 98c13a9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/98c13a9ed3d014f0298b25782ec163d31f6b3c88\"\u003e\u003ccode\u003e98c13a9\u003c/code\u003e\u003c/a\u003e Support \u003ccode\u003emise.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/415\"\u003e#415\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/0f13bcf18a7fc2199c7096a730e06b4cf105a8fa\"\u003e\u003ccode\u003e0f13bcf\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to c3137f5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/c3137f5cd54be80c81bfcbe43822a4b0521689cb\"\u003e\u003ccode\u003ec3137f5\u003c/code\u003e\u003c/a\u003e Bump globals from 17.3.0 to 17.4.0 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/4cbacdb2a92d48255a8b35e02b20ec42dacf0693\"\u003e\u003ccode\u003e4cbacdb\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to 687000a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/687000ab96a7e7bcd1870902db74cc514cacae5a\"\u003e\u003ccode\u003e687000a\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/419\"\u003e#419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/9ba6605098a2a5f503b75b7cd48e103835afd663\"\u003e\u003ccode\u003e9ba6605\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-yml from 1.18.0 to 3.3.1 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/722d91de6ec6f037784d81fb762807fed8639643\"\u003e\u003ccode\u003e722d91d\u003c/code\u003e\u003c/a\u003e Automation: update setup-beam version output to f79887d\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/f79887d1babe91ea1dfce308d4c8b207564c450d\"\u003e\u003ccode\u003ef79887d\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.0.1 to 10.0.3 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/420\"\u003e#420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/erlef/setup-beam/commit/30a0896082f4d05c1f984e3a4b26312a1e6759c1\"\u003e\u003ccode\u003e30a0896\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli from 0.47.0 to 0.48.0 (\u003ca href=\"https://redirect.github.com/erlef/setup-beam/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/erlef/setup-beam/compare/3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4...9d5b75ddfda22fb979d2270283237aef8aa68d6b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=erlef/setup-beam\u0026package-manager=github_actions\u0026previous-version=1.21.0\u0026new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattneel/ex_lancedb/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattneel%2Fex_lancedb/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}}]}