build(deps): bump the actions group across 1 directory with 4 updates#2843
build(deps): bump the actions group across 1 directory with 4 updates#2843dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the actions group with 4 updates in the / directory: [docker/login-action](https://github.com/docker/login-action), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [dorny/paths-filter](https://github.com/dorny/paths-filter) and [actions/stale](https://github.com/actions/stale). Updates `docker/login-action` from 4.2.0 to 4.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v4.2.0...v4.4.0) Updates `docker/setup-buildx-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v4.1.0...v4.2.0) Updates `dorny/paths-filter` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](dorny/paths-filter@v4.0.1...v4.0.2) Updates `actions/stale` from 10 to 10.3.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v10...v10.3.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: docker/setup-buildx-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: dorny/paths-filter dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/stale dependency-version: 10.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
Greptile SummaryThis is a routine Dependabot grouping PR that bumps four GitHub Actions dependencies across the CI workflows — all within the same major version with no breaking changes.
Confidence Score: 5/5All four updates are within-major-version bumps containing only bug fixes and dependency refreshes; no behavior changes affect the Docker build or stale management workflows. Every changed line is a version string update generated by Dependabot. The release notes confirm no breaking changes or API removals, and the dorny/paths-filter patch actively fixes a bug (dubious ownership errors in container jobs) that could otherwise cause spurious workflow failures. No files require special attention. Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[PR Push or Schedule] --> B[docker-build.yml]
B --> C[paths-filter v4.0.2\nDetect changed paths]
C -->|paths changed| D[docker-build-template.yml]
C -->|no change| E[Skip build]
D --> F[login-action v4.4.0\nLogin to ghcr.io]
F --> G[setup-buildx-action v4.2.0\nSetup buildx driver]
G --> H[Build and Push Docker image]
I[Schedule or Manual] --> J[stale.yml]
J --> K[actions/stale v10.3.0\nMark stale issues and PRs]
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
A[PR Push or Schedule] --> B[docker-build.yml]
B --> C[paths-filter v4.0.2\nDetect changed paths]
C -->|paths changed| D[docker-build-template.yml]
C -->|no change| E[Skip build]
D --> F[login-action v4.4.0\nLogin to ghcr.io]
F --> G[setup-buildx-action v4.2.0\nSetup buildx driver]
G --> H[Build and Push Docker image]
I[Schedule or Manual] --> J[stale.yml]
J --> K[actions/stale v10.3.0\nMark stale issues and PRs]
Reviews (1): Last reviewed commit: "build(deps): bump the actions group acro..." | Re-trigger Greptile |
❌ 3 Tests Failed:
View the full list of 3 ❄️ flaky test(s)
To view more test analytics, go to the Test Analytics Dashboard |
Bumps the actions group with 4 updates in the / directory: docker/login-action, docker/setup-buildx-action, dorny/paths-filter and actions/stale.
Updates
docker/login-actionfrom 4.2.0 to 4.4.0Release notes
Sourced from docker/login-action's releases.
Commits
af1e73fMerge pull request #1034 from docker/dependabot/npm_and_yarn/aws-sdk-dependen...da722bd[dependabot skip] chore: update generated content2916ad6build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...ca0a662Merge pull request #1035 from crazy-max/fix-registry-auth-empty-maskc455755chore: update generated content4835190skip empty registry-auth secret mask992421cMerge pull request #1033 from docker/dependabot/github_actions/docker/bake-ac...b249b43Merge pull request #1032 from docker/dependabot/github_actions/docker/bake-ac...1b67977build(deps): bump docker/bake-action from 7.2.0 to 7.3.09d49d6abuild(deps): bump docker/bake-action/subaction/matrixUpdates
docker/setup-buildx-actionfrom 4.1.0 to 4.2.0Release notes
Sourced from docker/setup-buildx-action's releases.
Commits
bb05f3fMerge pull request #580 from docker/dependabot/npm_and_yarn/docker/actions-to...321c814[dependabot skip] chore: update generated contentb9a36efbuild(deps): bump@docker/actions-toolkitfrom 0.91.0 to 0.92.0ebeab24Merge pull request #570 from docker/dependabot/npm_and_yarn/undici-6.27.05c7b8ae[dependabot skip] chore: update generated content037e618build(deps): bump undici from 6.25.0 to 6.27.066080e5Merge pull request #577 from docker/dependabot/npm_and_yarn/sigstore-4.1.1409aef0Merge pull request #562 from docker/dependabot/npm_and_yarn/js-yaml-4.2.049c6e42build(deps): bump sigstore from 4.1.0 to 4.1.12211273[dependabot skip] chore: update generated contentUpdates
dorny/paths-filterfrom 4.0.1 to 4.0.2Release notes
Sourced from dorny/paths-filter's releases.
Changelog
Sourced from dorny/paths-filter's changelog.
Commits
7b450ffdocs: update changelog for v4.0.2 (#318)9280377fix: work around git dubious ownership errors in container jobs (#317)f3ceefdfix: use rev-parse instead of branch --show-current for older git compat (#303)61f87a1chore: fix GitHub spelling in logs (#278)b82ff81fix warning message (#282)Updates
actions/stalefrom 10 to 10.3.0Release notes
Sourced from actions/stale's releases.
... (truncated)
Commits
df990c2build(deps): bump actions/checkout from 3 to 4 (#1091)6e472ceMerge pull request #1179 from actions/Jcambass-patch-1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions