Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump the actions group across 1 directory with 2 updates

Open
Number: #3138
Type: Pull Request
State: Open
Author: dependabot[bot] dependabot[bot]
Association: Contributor
Comments: 1
Created: September 23, 2025 at 12:52 PM UTC
(8 months ago)
Updated: September 23, 2025 at 12:54 PM UTC
(8 months ago)
Labels:
dependencies github_actions
Description:

Bumps the actions group with 2 updates in the / directory: ruby/setup-ruby and actions/create-github-app-token.

Updates ruby/setup-ruby from 1.257.0 to 1.263.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.263.0

What's Changed

New Contributors

Full Changelog: https://github.com/ruby/setup-ruby/compare/v1.262.0...v1.263.0

v1.262.0

Full Changelog: https://github.com/ruby/setup-ruby/compare/v1.261.0...v1.262.0

v1.261.0

What's Changed

Full Changelog: https://github.com/ruby/setup-ruby/compare/v1.260.0...v1.261.0

v1.260.0

What's Changed

New Contributors

Full Changelog: https://github.com/ruby/setup-ruby/compare/v1.259.0...v1.260.0

v1.259.0

What's Changed

Full Changelog: https://github.com/ruby/setup-ruby/compare/v1.258.0...v1.259.0

v1.258.0

What's Changed

Full Changelog: https://github.com/ruby/setup-ruby/compare/v1.257.0...v1.258.0

Commits
  • 0481980 Print lockfile contents earlier
  • cf7216d Use new releases of ruby-builder per engine-version
  • 1c58d16 Update CRuby releases on Windows
  • 1dc7956 Test on JRuby 9.4 as well as 10.0
  • b8714f7 Revert "Skip test failing on JRuby on Windows"
  • d3e13b3 Revert "feat: upgrade to node 24"
  • 4df093a Revert "chore: add setup-node for lint job"
  • 866b91c chore: add setup-node for lint job
  • c4cd38d feat: upgrade to node 24
  • 3fee676 Add truffleruby-25.0.0,truffleruby+graalvm-25.0.0
  • Additional commits viewable in compare view

Updates actions/create-github-app-token from 2.1.1 to 2.1.4

Release notes

Sourced from actions/create-github-app-token's releases.

v2.1.4

2.1.4 (2025-09-13)

Bug Fixes

  • deps: bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)

v2.1.3

2.1.3 (2025-09-13)

Bug Fixes

  • deps: bump undici from 7.8.0 to 7.10.0 in the production-dependencies group (#254) (f3d5ec2)

v2.1.2

2.1.2 (2025-09-12)

Bug Fixes

  • deps: bump @​octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)
Commits
  • 6701853 build(release): 2.1.4 [skip ci]
  • bef1eaf fix(deps): bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257)
  • 1526738 build(release): 2.1.3 [skip ci]
  • f3d5ec2 fix(deps): bump undici from 7.8.0 to 7.10.0 in the production-dependencies gr...
  • def152b build(release): 2.1.2 [skip ci]
  • 5d7307b fix(deps): bump @​octokit/request from 9.2.3 to 10.0.2 (#256)
  • 525760a build(deps): bump stefanzweifel/git-auto-commit-action from 5.2.0 to 6.0.1 (#...
  • 8ab05a8 Add beta branch support for releases (#282)
  • d00315e build(deps): bump actions/checkout from 4 to 5 (#279)
  • fcc6c28 build(deps-dev): bump dotenv from 16.5.0 to 17.2.1 (#269)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
This is a draft pull request.
Pull Request Statistics
Commits:
0
Files Changed:
0
Additions:
+0
Deletions:
-0
Package Dependencies
Package:
actions/create-github-app-token
Ecosystem:
actions
Version Change:
2.1.1 → 2.1.4
Update Type:
Patch
Package:
ruby/setup-ruby
Ecosystem:
actions
Version Change:
1.257.0 → 1.263.0
Update Type:
Minor
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 8300127
UUID: 3445180693
Node ID: PR_kwDOD3bUds6qESdn
Host: GitHub
Repository: github/codeql-action