Skip to content

Bump the npm-production group across 1 directory with 3 updates#40

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot_npm_and_yarn_npm-production-4376e56945
Open

Bump the npm-production group across 1 directory with 3 updates#40
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot_npm_and_yarn_npm-production-4376e56945

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jan 14, 2026
edited
Loading

Bumps the npm-production group with 3 updates in the / directory: @actions/core, @actions/exec and @actions/github.

Updates @actions/core from 1.11.1 to 3.0.1

Changelog

Sourced from @​actions/core's changelog.

3.0.1

  • Bump undici from 6.23.0 to 6.24.1 #2348

3.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()

2.0.3

  • Bump @actions/http-client to 3.0.2

2.0.1

  • Bump @​actions/exec from 1.1.1 to 2.0.0 #2199

2.0.0

  • Add support for Node 24 #2110
  • Bump @​actions/http-client from 2.0.1 to 3.0.0
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​actions/core since your current version.


Updates @actions/exec from 1.1.1 to 3.0.0

Changelog

Sourced from @​actions/exec's changelog.

3.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()

2.0.0

  • Add support for Node 24 #2110
  • Bump @​actions/io dependency from ^1.0.1 to ^2.0.0
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​actions/exec since your current version.


Updates @actions/github from 6.0.1 to 9.1.1

Changelog

Sourced from @​actions/github's changelog.

9.1.1

  • Bump undici from 6.23.0 to 6.24.0 #2346

9.1.0

  • Append actions_orchestration_id to user-agent when the ACTIONS_ORCHESTRATION_ID environment variable is set #2364

9.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()
    • Example: const { getOctokit, context } = await import('@actions/github')
  • Fix TypeScript compilation by migrating to ESM, enabling proper imports from @octokit/core/types

8.0.1

  • Update undici to 6.23.0
  • Update @actions/http-client to 3.0.2

8.0.0

  • Update @​octokit dependencies
    • @octokit/core ^7.0.6
    • @octokit/plugin-paginate-rest ^14.0.0
    • @octokit/plugin-rest-endpoint-methods ^17.0.0
    • @octokit/request ^10.0.7
    • @octokit/request-error ^7.1.0
  • Breaking change: Minimum Node.js version is now 20 (previously 18)

7.0.0

  • Update to v3.0.1 of @actions/http-client
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​actions/github since your current version.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 14, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Jan 14, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dependabot dependabot Bot force-pushed the dependabot_npm_and_yarn_npm-production-4376e56945 branch from b261685 to 11e4183 Compare March 4, 2026 00:08
@dependabot dependabot Bot force-pushed the dependabot_npm_and_yarn_npm-production-4376e56945 branch from 11e4183 to 6204924 Compare April 8, 2026 00:08
@dependabot
Bump the npm-production group across 1 directory with 3 updates
bae157f 
Bumps the npm-production group with 3 updates in the / directory: [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core), [@actions/exec](https://github.com/actions/toolkit/tree/HEAD/packages/exec) and [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github).


Updates `@actions/core` from 1.11.1 to 3.0.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `@actions/exec` from 1.1.1 to 3.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/exec/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/exec)

Updates `@actions/github` from 6.0.1 to 9.1.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 2.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-production
- dependency-name: "@actions/exec"
  dependency-version: 2.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-production
- dependency-name: "@actions/github"
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot_npm_and_yarn_npm-production-4376e56945 branch from 6204924 to bae157f Compare May 6, 2026 00:09
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 6, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@na1307 na1307

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@na1307