Skip to content

ci(deps): bump the github-actions group with 2 updates #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

ci(deps): bump the github-actions group with 2 updates #16

wants to merge 1 commit into from
+2 −2

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 16, 2025
edited
Loading

Bumps the github-actions group with 2 updates: anchore/sbom-action and actions/configure-pages.

Updates anchore/sbom-action from 0.17.8 to 0.20.1

Release notes

Sourced from anchore/sbom-action's releases.

v0.20.1

Changes in v0.20.1

  • Update Syft to v1.27.1 (#525)

v0.20.0

Changes in v0.20.0

  • chore(deps): update Syft to v1.24.0 (#522)

v0.19.0

Changes in v0.19.0

  • chore(deps): update Syft to v1.23.0 (#521)
  • chore(deps): bump peter-evans/create-pull-request from 7.0.6 to 7.0.8 (#519)
  • chore(deps): bump cross-spawn (#514)

v0.18.0

Changes in v0.18.0

v0.17.9

Changes in v0.17.9

Commits
  • 9246b90 chore(deps): update Syft to v1.27.1 (#525)
  • 5f8d644 chore(deps): update Syft to v1.26.1 (#524)
  • e11c554 chore(deps): update Syft to v1.24.0 (#522)
  • 9f73021 chore(deps): update Syft to v1.23.0 (#521)
  • a669da5 chore(deps): update Syft to v1.22.0 (#517)
  • 5aeee89 chore(deps): bump peter-evans/create-pull-request from 7.0.6 to 7.0.8 (#519)
  • 79202ae chore(deps): bump cross-spawn (#514)
  • f325610 chore(deps): bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 (#511)
  • 83a99f5 chore(deps): bump release-drafter/release-drafter from 6.0.0 to 6.1.0 (#512)
  • 9af714f chore(deps): update Syft to v1.19.0 (#513)
  • Additional commits viewable in compare view

Updates actions/configure-pages from 4 to 5

Release notes

Sourced from actions/configure-pages's releases.

v5.0.0

Breaking Changes

⚠️ This version contains breaking changes! ⚠️

Full Changelog

See details of all code changes since previous release.

Commits
  • 983d773 Merge pull request #139 from actions/config-auto-detect
  • 9cf6e24 Tweak comment
  • f304bd8 Update distributables
  • 215cd51 Attempt to detect existing config files matching the expected basename plus o...
  • e9382ac Front-load the file extension warning
  • 7781abd Merge pull request #138 from actions/error-utils
  • fc47e3c Update distributables
  • 9c9f8a2 Update tests to use the Octokit RequestError class
  • 9a4705d Update distributables
  • f6ded38 Fix syntax error and formatting
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 16, 2025

Reviewers

The following users could not be added as reviewers: ExaDev. Either the username does not exist or it does not have the correct permissions to be added as a reviewer.

Assignees

The following users could not be added as assignees: ExaDev. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 16, 2025

The reviewers field in the dependabot.yml file will be removed soon. Please use the code owners file to specify reviewers for Dependabot PRs. For more information, see this blog post.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 16, 2025
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-actions-b8333b38c3 branch from acaf7c5 to 3f0b390 Compare June 23, 2025 09:53
@dependabot
ci(deps): bump the github-actions group with 2 updates
550f343 
Bumps the github-actions group with 2 updates: [anchore/sbom-action](https://github.com/anchore/sbom-action) and [actions/configure-pages](https://github.com/actions/configure-pages).


Updates `anchore/sbom-action` from 0.17.8 to 0.20.1
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@v0.17.8...v0.20.1)

Updates `actions/configure-pages` from 4 to 5
- [Release notes](https://github.com/actions/configure-pages/releases)
- [Commits](actions/configure-pages@v4...v5)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/configure-pages
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-actions-b8333b38c3 branch from 3f0b390 to 550f343 Compare August 4, 2025 15:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants