GitHub Action: Bump the all-actions-dependencies group across 1 directory with 5 updates by dependabot[bot] · Pull Request #575 · microsoft/mu_devops

dependabot · 2026-05-11T20:23:03Z

Bumps the all-actions-dependencies group with 5 updates in the / directory:

Package	From	To
actions/setup-python	`5`	`6`
actions/create-github-app-token	`2`	`3`
redhat-plumbers-in-action/advanced-issue-labeler	`2`	`3`
actions/labeler	`6.0.1`	`6.1.0`
release-drafter/release-drafter	`6.2.0`	`7.3.0`

Updates actions/setup-python from 5 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

Add support for pip-version by @priyagupta108 in actions/setup-python#1129

Enhance reading from .python-version by @krystof-k in actions/setup-python#787

Add version parsing from Pipfile by @aradkdj in actions/setup-python#1067

Bug fixes:

Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @aparnajyothi-y in actions/setup-python#1183

Change missing cache directory error to warning by @aparnajyothi-y in actions/setup-python#1182

Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @aparnajyothi-y in actions/setup-python#1122

Include python version in PyPy python-version output by @cdce8p in actions/setup-python#1110

Update docs: clarification on pip authentication with setup-python by @priya-kinthali in actions/setup-python#1156

Dependency updates:

Upgrade idna from 2.9 to 3.7 in /tests/data by @dependabot[bot] in actions/setup-python#843

Upgrade form-data to fix critical vulnerabilities #182 & #183 by @aparnajyothi-y in actions/setup-python#1163

Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @aparnajyothi-y in actions/setup-python#1165

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-python#1181

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-python#1095

New Contributors

@krystof-k made their first contribution in actions/setup-python#787

@cdce8p made their first contribution in actions/setup-python#1110

@aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

Workflow updates related to Ubuntu 20.04 by @aparnajyothi-y in actions/setup-python#1065

Fix for Candidate Not Iterable Error by @aparnajyothi-y in actions/setup-python#1082

Upgrade semver and @types/semver by @dependabot in actions/setup-python#1091

Upgrade prettier from 2.8.8 to 3.5.3 by @dependabot in actions/setup-python#1046

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

a309ff8 Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)
bfe8cc5 Upgrade @actions dependencies to Node 24 compatible versions (#1259)
4f41a90 Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)
83679a8 Bump @types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...
bfc4944 Bump prettier from 3.5.3 to 3.6.2 (#1234)
97aeb3e Bump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)
443da59 Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...
cfd55ca graalpy: add graalpy early-access and windows builds (#880)
bba65e5 Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)
18566f8 Improve wording and "fix example" (remove 3.13) on testing against pre-releas...
Additional commits viewable in compare view

Updates actions/create-github-app-token from 2 to 3

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

feat!: node 24 support (#275) (2e564a0)

fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (4451bcb)

Bug Fixes

remove custom proxy handling (#143) (dce0ab0)

BREAKING CHANGES

Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

deps: bump @actions/core from 1.11.1 to 3.0.0 (#337) (b044133)

deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)

deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)

deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

deps: bump @octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)

deps: bump @octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)

deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)

deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits

1b10c78 build(release): 3.1.1 [skip ci]
07e2b76 fix: improve error message when app identifier is empty (#362)
ea01216 ci: remove publish-immutable-action workflow (#361)
7bd0371 build(release): 3.1.0 [skip ci]
e6bd4e6 feat: add client-id input and deprecate app-id (#353)
076e948 feat: update permission inputs (#358)
3bbe07d fix(deps): bump p-retry from 7.1.1 to 8.0.0 (#357)
28a99e3 build(deps-dev): bump c8 from 10.1.3 to 11.0.0
4df5060 build(deps-dev): bump open-cli from 8.0.0 to 9.0.0
4843c53 build(deps-dev): bump the development-dependencies group with 3 updates
Additional commits viewable in compare view

Updates redhat-plumbers-in-action/advanced-issue-labeler from 2 to 3

Release notes

Sourced from redhat-plumbers-in-action/advanced-issue-labeler's releases.

v3.0.0

What's Changed

Breaking

Use zod for input validation 🦹 (#275) @jamacku

Use octokit instead of probot 🗑️ (#274) @jamacku

New

Add support for GitHub Enterprise 🏛️ (#277) @jamacku

Add option to set custom config file path (#278) @jamacku

Bug Fixes

Use node16 for v2; the node20 will be used by v3 (#281) @jamacku

Maintenance

Improve and update tests 🧪 (#279) @jamacku

Dependency Updates

chore(deps): update dependency @vercel/ncc to v0.38.1 (#269) @renovatebot

chore(deps): update dependency eslint-plugin-prettier to v5.0.1 (#270) @renovatebot

chore(deps): update dependency @types/node to v18.18.9 (#268) @renovatebot

Full Changelog: redhat-plumbers-in-action/advanced-issue-labeler@v2.0.7...v3.0.0

v2.1.0

What's Changed

Use octokit instead of probot 🗑️ by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#274

chore(deps): update dependency @types/node to v18.18.9 by @renovatebot in redhat-plumbers-in-action/advanced-issue-labeler#268

chore(deps): update dependency eslint-plugin-prettier to v5.0.1 by @renovatebot in redhat-plumbers-in-action/advanced-issue-labeler#270

Use zod for input validation 🦹 by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#275

chore(deps): update dependency @vercel/ncc to v0.38.1 by @renovatebot in redhat-plumbers-in-action/advanced-issue-labeler#269

Add option to set custom config file path by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#278

Improve and update tests 🧪 by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#279

Add support for GitHub Enterprise 🏛️ by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#277

Use node16 for v2; the node20 will be used by v3 by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#281

Full Changelog: redhat-plumbers-in-action/advanced-issue-labeler@v2.0.7...v2.1.0

v2.0.7

What's Changed

Maintenance

Drop support for Node.js 16 and add Node.js 20 🐢 (#260) @jamacku

... (truncated)

Commits

b80ae64 chore(deps): update github/codeql-action action to v4
8a8ebe2 chore(deps): update dependency node to v24
4726055 chore(deps): update actions/upload-artifact action to v5
907e1bf chore(deps): update actions/setup-node action to v6
2706665 chore(deps): update actions/checkout action to v6
fbea672 chore(deps): update yarn to v4.12.0
0dd792b deps: update dependencies
96bf6d8 chore(config): migrate config renovate.json
deb5917 chore(deps): update dependency typescript to v5.9.3
17a8eaf chore(deps): update dependency @types/node to v24.6.1
Additional commits viewable in compare view

Updates actions/labeler from 6.0.1 to 6.1.0

Release notes

Sourced from actions/labeler's releases.

v6.1.0

Enhancements

Add changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by @bluca in actions/labeler#923

Bug Fixes

Improve Labeler Action documentation and permission error handling by @chiranjib-swain in actions/labeler#897

Preserve manually added labels during workflow runs and refine label synchronization logic by @chiranjib-swain in actions/labeler#917

Dependency Updates

Upgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by @dependabot in actions/labeler#877

Upgrade minimatch from 10.0.1 to 10.2.3 by @dependabot in actions/labeler#926

Upgrade dependencies (@actions/core, @actions/github, js-yaml, minimatch, @typescript-eslint) by @Copilot in actions/labeler#934

New Contributors

@chiranjib-swain made their first contribution in actions/labeler#897

@bluca made their first contribution in actions/labeler#923

@Copilot made their first contribution in actions/labeler#934

Full Changelog: actions/labeler@v6...v6.1.0

Commits

f27b608 chore: upgrade dependencies (@actions/core, @actions/github, js-yaml, minimat...
c5dadc2 Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...
e52e4fb Bump minimatch from 10.0.1 to 10.2.3 (#926)
77a4082 Fix: Preserve manually added labels during workflow run and refine label sync...
25abb3c Improve Labeler Action Documentation and Error Handling for Permissions (#897)
395c8cf Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...
See full diff in compare view

Updates release-drafter/release-drafter from 6.2.0 to 7.3.0

Release notes

Sourced from release-drafter/release-drafter's releases.

v7.3.0

What's Changed

New

feat: recover recently merged PRs missed by associated PRs lag (#1604) @jetersen

feat: switch release discovery to ref comparison and explicit missing-baseline warnings (#1570) @jetersen

Bug Fixes

fix: restore prerelease-identifier on first run when no prior releases exist (#1602) @jrbeilke

fix: prevent using commitish like refs/pull (#1598) @cchanche

Maintenance

ci: rebuild dist after codegen so generated PRs include bundle updates (#1605) @jetersen

chore: update generated GraphQL types (#1600) @github-actions[bot]

chore: clarify base repository pr filtering (#1599) @cchanche

Dependency Updates

build(deps-dev): bump postcss from 8.5.8 to 8.5.12 (#1597) @dependabot[bot]

Full Changelog: release-drafter/release-drafter@v7.2.1...v7.3.0

v7.2.1

What's Changed

Bug Fixes

fix: initial-commits-since in config not overwritten by input (#1593) @sroebert

fix: clarify prerelease-identifier behavior and precedence in configuration (#1594) @neilime

Maintenance

chore: disable "No version input..." warning (#1595) @cchanche

Full Changelog: release-drafter/release-drafter@v7.2.0...v7.2.1

v7.2.0

What's Changed

New

feat: allow always collapsing a category (#1444) @mhanberg

Bug Fixes

fix: improve advanced substitutions in replacers (#1555) @jetersen

fix: support repo-only _extends and prevent .github/ path doubling (#1577) @jetersen

... (truncated)

Commits

c2e2804 chore: release v7.3.0
0c28acd feat: recover recently merged PRs missed by associated PRs lag (#1604)
3052ee0 fix: restore prerelease-identifier on first run when no prior releases exist ...
0503d11 ci: rebuild dist after codegen so generated PRs include bundle updates (#1605)
a553731 chore: update generated GraphQL types (#1600)
c5dd361 ci: add warning on automatic codegen PRs
705c5af ci: add maintenance label to automated codegen updates
acfaf4f chore: clarify base repository pr filtering (#1599)
d181a5a fix: prevent using commitish like refs/pull (#1598)
f188d08 feat: switch release discovery to ref comparison and explicit missing-baselin...
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…tory with 5 updates Bumps the all-actions-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-python](https://github.com/actions/setup-python) | `5` | `6` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2` | `3` | | [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler) | `2` | `3` | | [actions/labeler](https://github.com/actions/labeler) | `6.0.1` | `6.1.0` | | [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `6.2.0` | `7.3.0` | Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) Updates `actions/create-github-app-token` from 2 to 3 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@v2...v3) Updates `redhat-plumbers-in-action/advanced-issue-labeler` from 2 to 3 - [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases) - [Commits](redhat-plumbers-in-action/advanced-issue-labeler@v2...v3) Updates `actions/labeler` from 6.0.1 to 6.1.0 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@v6.0.1...v6.1.0) Updates `release-drafter/release-drafter` from 6.2.0 to 7.3.0 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](release-drafter/release-drafter@v6.2.0...v7.3.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies - dependency-name: redhat-plumbers-in-action/advanced-issue-labeler dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies - dependency-name: actions/labeler dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions-dependencies - dependency-name: release-drafter/release-drafter dependency-version: 7.3.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added type:dependabot Created by dependabot type:dependencies Pull requests that update a dependency file labels May 11, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Action: Bump the all-actions-dependencies group across 1 directory with 5 updates#575

GitHub Action: Bump the all-actions-dependencies group across 1 directory with 5 updates#575
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/all-actions-dependencies-a642213397

dependabot Bot commented on behalf of github May 11, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 11, 2026

v6.0.0

What's Changed

Breaking Changes

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Enhancements:

Bug fixes:

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

BREAKING CHANGES

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

BREAKING CHANGES

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

v3.0.0

What's Changed

Breaking

New

Bug Fixes

Maintenance

Dependency Updates

v2.1.0

What's Changed

v2.0.7

What's Changed

Maintenance

v6.1.0

Enhancements

Bug Fixes

Dependency Updates

New Contributors

v7.3.0

What's Changed

New

Bug Fixes

Maintenance

Dependency Updates

v7.2.1

What's Changed

Bug Fixes

Maintenance

v7.2.0

What's Changed

New

Bug Fixes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants