Skip to content

Bump the gha-deps group with 18 updates#4315

Open
dependabot[bot] wants to merge 2 commits into
masterfrom
dependabot/github_actions/gha-deps-70059fb708
Open

Bump the gha-deps group with 18 updates#4315
dependabot[bot] wants to merge 2 commits into
masterfrom
dependabot/github_actions/gha-deps-70059fb708

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the gha-deps group with 19 updates:

Package From To
step-security/harden-runner 2.16.1 2.19.4
actions/checkout 6.0.2 7.0.0
actions/setup-dotnet 5.2.0 5.4.0
actions/upload-artifact 7.0.0 7.0.1
github/codeql-action/init 4.35.1 4.36.2
github/codeql-action/autobuild 4.35.1 4.36.2
github/codeql-action/analyze 4.35.1 4.36.2
docker/setup-qemu-action 4.0.0 4.1.0
docker/setup-buildx-action 4.0.0 4.1.0
aws-actions/configure-aws-credentials 6.0.0 6.2.1
docker/login-action 4.0.0 4.2.0
docker/build-push-action 7.0.0 7.2.0
sillsdev/FieldWorks/.github/workflows/CommitMessage.yml 28e9888c4c70a3af593b1b97b77954e04149059b fb4c99d89f4574ac648e3445192ad7e667dcef0f
actions/dependency-review-action 4.9.0 5.0.0
actions/setup-node 6.3.0 6.4.0
actions/labeler 6.0.1 6.1.0
actions/setup-python 6.2.0 6.3.0
github/codeql-action/upload-sarif 4.35.1 4.36.2
federicocarboni/setup-ffmpeg 3 3.1

This change is Reviewable

Bumps the gha-deps group with 18 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.16.1` | `2.19.4` |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` |
| [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `5.2.0` | `5.4.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` |
| [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |
| [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |
| [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.0.0` | `4.1.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` |
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.0.0` | `6.2.1` |
| [docker/login-action](https://github.com/docker/login-action) | `4.0.0` | `4.2.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.0.0` | `7.2.0` |
| [sillsdev/FieldWorks/.github/workflows/CommitMessage.yml](https://github.com/sillsdev/fieldworks) | `28e9888c4c70a3af593b1b97b77954e04149059b` | `fb4c99d89f4574ac648e3445192ad7e667dcef0f` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.9.0` | `5.0.0` |
| [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` |
| [actions/labeler](https://github.com/actions/labeler) | `6.0.1` | `6.1.0` |
| [actions/setup-python](https://github.com/actions/setup-python) | `6.2.0` | `6.3.0` |
| [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |


Updates `step-security/harden-runner` from 2.16.1 to 2.19.4
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@fe10465...9af89fc)

Updates `actions/checkout` from 6.0.2 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@de0fac2...9c091bb)

Updates `actions/setup-dotnet` from 5.2.0 to 5.4.0
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@c2fa09f...26b0ec1)

Updates `actions/upload-artifact` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@bbbca2d...043fb46)

Updates `github/codeql-action/init` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

Updates `github/codeql-action/autobuild` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

Updates `github/codeql-action/analyze` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

Updates `docker/setup-qemu-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@ce36039...0611638)

Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@4d04d5d...d7f5e7f)

Updates `aws-actions/configure-aws-credentials` from 6.0.0 to 6.2.1
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@8df5847...254c19b)

Updates `docker/login-action` from 4.0.0 to 4.2.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@b45d80f...650006c)

Updates `docker/build-push-action` from 7.0.0 to 7.2.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@d08e5c3...f9f3042)

Updates `sillsdev/FieldWorks/.github/workflows/CommitMessage.yml` from 28e9888c4c70a3af593b1b97b77954e04149059b to fb4c99d89f4574ac648e3445192ad7e667dcef0f
- [Release notes](https://github.com/sillsdev/fieldworks/releases)
- [Commits](sillsdev/FieldWorks@28e9888...fb4c99d)

Updates `actions/dependency-review-action` from 4.9.0 to 5.0.0
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@2031cfc...a1d282b)

Updates `actions/setup-node` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@53b8394...48b55a0)

Updates `actions/labeler` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](actions/labeler@634933e...f27b608)

Updates `actions/setup-python` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@a309ff8...ece7cb0)

Updates `github/codeql-action/upload-sarif` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-deps
- dependency-name: actions/setup-dotnet
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha-deps
- dependency-name: github/codeql-action/init
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: github/codeql-action/autobuild
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: github/codeql-action/analyze
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: docker/setup-qemu-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: docker/login-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: docker/build-push-action
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: sillsdev/FieldWorks/.github/workflows/CommitMessage.yml
  dependency-version: fb4c99d89f4574ac648e3445192ad7e667dcef0f
  dependency-type: direct:production
  dependency-group: gha-deps
- dependency-name: actions/dependency-review-action
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-deps
- dependency-name: actions/setup-node
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: actions/labeler
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: actions/setup-python
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 1, 2026
@codecov

codecov Bot commented Jul 1, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.88%. Comparing base (e2b613d) to head (99005ac).

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #4315      +/-   ##
==========================================
- Coverage   75.96%   66.88%   -9.08%     
==========================================
  Files         305      248      -57     
  Lines       11384     6303    -5081     
  Branches     1411      794     -617     
==========================================
- Hits         8648     4216    -4432     
+ Misses       2332     1826     -506     
+ Partials      404      261     -143     
Flag Coverage Δ
backend ?
frontend 66.88% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@imnasnainaec imnasnainaec self-assigned this Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant