Skip to content

build(deps): bump the actions group across 1 directory with 4 updates#2843

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-4942735af7
Open

build(deps): bump the actions group across 1 directory with 4 updates#2843
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-4942735af7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the actions group with 4 updates in the / directory: docker/login-action, docker/setup-buildx-action, dorny/paths-filter and actions/stale.

Updates docker/login-action from 4.2.0 to 4.4.0

Release notes

Sourced from docker/login-action's releases.

v4.4.0

Full Changelog: docker/login-action@v4.3.0...v4.4.0

v4.3.0

Full Changelog: docker/login-action@v4.2.0...v4.3.0

Commits
  • af1e73f Merge pull request #1034 from docker/dependabot/npm_and_yarn/aws-sdk-dependen...
  • da722bd [dependabot skip] chore: update generated content
  • 2916ad6 build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
  • ca0a662 Merge pull request #1035 from crazy-max/fix-registry-auth-empty-mask
  • c455755 chore: update generated content
  • 4835190 skip empty registry-auth secret mask
  • 992421c Merge pull request #1033 from docker/dependabot/github_actions/docker/bake-ac...
  • b249b43 Merge pull request #1032 from docker/dependabot/github_actions/docker/bake-ac...
  • 1b67977 build(deps): bump docker/bake-action from 7.2.0 to 7.3.0
  • 9d49d6a build(deps): bump docker/bake-action/subaction/matrix
  • Additional commits viewable in compare view

Updates docker/setup-buildx-action from 4.1.0 to 4.2.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.2.0

Full Changelog: docker/setup-buildx-action@v4.1.0...v4.2.0

Commits
  • bb05f3f Merge pull request #580 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 321c814 [dependabot skip] chore: update generated content
  • b9a36ef build(deps): bump @​docker/actions-toolkit from 0.91.0 to 0.92.0
  • ebeab24 Merge pull request #570 from docker/dependabot/npm_and_yarn/undici-6.27.0
  • 5c7b8ae [dependabot skip] chore: update generated content
  • 037e618 build(deps): bump undici from 6.25.0 to 6.27.0
  • 66080e5 Merge pull request #577 from docker/dependabot/npm_and_yarn/sigstore-4.1.1
  • 409aef0 Merge pull request #562 from docker/dependabot/npm_and_yarn/js-yaml-4.2.0
  • 49c6e42 build(deps): bump sigstore from 4.1.0 to 4.1.1
  • 2211273 [dependabot skip] chore: update generated content
  • Additional commits viewable in compare view

Updates dorny/paths-filter from 4.0.1 to 4.0.2

Release notes

Sourced from dorny/paths-filter's releases.

v4.0.2

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v4.0.1...v4.0.2

Changelog

Sourced from dorny/paths-filter's changelog.

v4.0.2

Commits

Updates actions/stale from 10 to 10.3.0

Release notes

Sourced from actions/stale's releases.

v10.3.0

What's Changed

Bug Fix

Dependency Updates

New Contributors

Full Changelog: actions/stale@v10...v10.3.0

v10.2.0

What's Changed

Bug Fix

Dependency Updates

New Contributors

Full Changelog: actions/stale@v10...v10.2.0

v10.1.1

What's Changed

Bug Fix

Improvement

Dependency Upgrades

New Contributors

Full Changelog: actions/stale@v10...v10.1.1

v10.1.0

What's Changed

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 4 updates in the / directory: [docker/login-action](https://github.com/docker/login-action), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [dorny/paths-filter](https://github.com/dorny/paths-filter) and [actions/stale](https://github.com/actions/stale).


Updates `docker/login-action` from 4.2.0 to 4.4.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v4.2.0...v4.4.0)

Updates `docker/setup-buildx-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v4.1.0...v4.2.0)

Updates `dorny/paths-filter` from 4.0.1 to 4.0.2
- [Release notes](https://github.com/dorny/paths-filter/releases)
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md)
- [Commits](dorny/paths-filter@v4.0.1...v4.0.2)

Updates `actions/stale` from 10 to 10.3.0
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v10...v10.3.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: dorny/paths-filter
  dependency-version: 4.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: actions/stale
  dependency-version: 10.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 10, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 10, 2026
@github-actions github-actions Bot enabled auto-merge (squash) July 10, 2026 05:38
@greptile-apps

greptile-apps Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This is a routine Dependabot grouping PR that bumps four GitHub Actions dependencies across the CI workflows — all within the same major version with no breaking changes.

  • docker/login-action v4.2.0 → v4.4.0 and docker/setup-buildx-action v4.1.0 → v4.2.0: Dependency refreshes (undici, sigstore, js-yaml, AWS SDK) and an empty registry-auth secret mask fix.
  • dorny/paths-filter v4.0.1 → v4.0.2: Patch fixes for git dubious ownership errors in container jobs and older-git rev-parse compatibility.
  • actions/stale v10 → v10.3.0: Bug fix for stale labeling event handling; also moves from the floating v10 tag to a specific version, slightly improving workflow reproducibility.

Confidence Score: 5/5

All four updates are within-major-version bumps containing only bug fixes and dependency refreshes; no behavior changes affect the Docker build or stale management workflows.

Every changed line is a version string update generated by Dependabot. The release notes confirm no breaking changes or API removals, and the dorny/paths-filter patch actively fixes a bug (dubious ownership errors in container jobs) that could otherwise cause spurious workflow failures.

No files require special attention.

Important Files Changed

Filename Overview
.github/workflows/_docker-build-template.yml Bumps docker/login-action from v4.2.0 to v4.4.0 and docker/setup-buildx-action from v4.1.0 to v4.2.0; both are minor version bumps with only dependency updates and a registry-auth empty mask fix.
.github/workflows/docker-build.yml Bumps dorny/paths-filter from v4.0.1 to v4.0.2; a patch release that fixes git dubious ownership errors in container jobs and improves older git compatibility.
.github/workflows/stale.yml Bumps actions/stale from the floating v10 tag to the pinned v10.3.0; this is a minor improvement in reproducibility, and the release includes a bug fix for stale labeling event handling.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[PR Push or Schedule] --> B[docker-build.yml]
    B --> C[paths-filter v4.0.2\nDetect changed paths]
    C -->|paths changed| D[docker-build-template.yml]
    C -->|no change| E[Skip build]
    D --> F[login-action v4.4.0\nLogin to ghcr.io]
    F --> G[setup-buildx-action v4.2.0\nSetup buildx driver]
    G --> H[Build and Push Docker image]
    I[Schedule or Manual] --> J[stale.yml]
    J --> K[actions/stale v10.3.0\nMark stale issues and PRs]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[PR Push or Schedule] --> B[docker-build.yml]
    B --> C[paths-filter v4.0.2\nDetect changed paths]
    C -->|paths changed| D[docker-build-template.yml]
    C -->|no change| E[Skip build]
    D --> F[login-action v4.4.0\nLogin to ghcr.io]
    F --> G[setup-buildx-action v4.2.0\nSetup buildx driver]
    G --> H[Build and Push Docker image]
    I[Schedule or Manual] --> J[stale.yml]
    J --> K[actions/stale v10.3.0\nMark stale issues and PRs]
Loading

Reviews (1): Last reviewed commit: "build(deps): bump the actions group acro..." | Re-trigger Greptile

@codecov

codecov Bot commented Jul 10, 2026

Copy link
Copy Markdown

❌ 3 Tests Failed:

Tests completed Failed Passed Skipped
2381 3 2378 168
View the full list of 3 ❄️ flaky test(s)
dimos.experimental.arduino.test_arduino_module::test_build_full_config_combines_connection_and_topics

Flake rate in main: 100.00% (Passed 0 times, Failed 2 times)

Stack Traces | 0.306s run time
def test_build_full_config_combines_connection_and_topics() -> None:
        """Keep in sync with parse_args() in .../arduino/cpp/main.cpp."""
        mod = _with_topics(
            _make_module(),
            {
                "twist_in": "cmd#geometry_msgs.Twist",
                "twist_echo_out": "echo#geometry_msgs.Twist",
            },
        )
        mod.config.auto_reconnect = False
        mod.config.reconnect_interval = 1.5
    
        cfg = mod._build_full_config("/dev/ttyACM0")
    
        assert cfg["serial_port"] == "/dev/ttyACM0"
        assert cfg["baudrate"] == 115200
        assert cfg["reconnect"] is False
        assert cfg["reconnect_interval"] == 1.5
>       assert cfg["topics"] == [
            {"id": 1, "channel": "echo#geometry_msgs.Twist", "is_output": True},
            {"id": 2, "channel": "cmd#geometry_msgs.Twist", "is_output": False},
        ]
E       AssertionError: assert [] == [{'channel': ...tput': False}]
E         
E         Right contains 2 more items, first extra item: #x1B[0m{#x1B[33m'#x1B[39;49;00m#x1B[33mchannel#x1B[39;49;00m#x1B[33m'#x1B[39;49;00m: #x1B[33m'#x1B[39;49;00m#x1B[33mecho#geometry_msgs.Twist#x1B[39;49;00m#x1B[33m'#x1B[39;49;00m, #x1B[33m'#x1B[39;49;00m#x1B[33mid#x1B[39;49;00m#x1B[33m'#x1B[39;49;00m: #x1B[94m1#x1B[39;49;00m, #x1B[33m'#x1B[39;49;00m#x1B[33mis_output#x1B[39;49;00m#x1B[33m'#x1B[39;49;00m: #x1B[94mTrue#x1B[39;49;00m}#x1B[90m#x1B[39;49;00m
E         
E         Full diff:
E         #x1B[0m#x1B[92m+ []#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m- [#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-     {#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-         'channel': 'echo#geometry_msgs.Twist',#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-         'id': 1,#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-         'is_output': True,#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-     },#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-     {#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-         'channel': 'cmd#geometry_msgs.Twist',#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-         'id': 2,#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-         'is_output': False,#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-     },#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m- ]#x1B[39;49;00m#x1B[90m#x1B[39;49;00m

cfg        = {'baudrate': 115200, 'reconnect': False, 'reconnect_interval': 1.5, 'serial_port': '/dev/ttyACM0', ...}
mod        = <dimos.experimental.arduino.test_arduino_module._ExampleModule object at 0xff0a2c0c3620>

.../experimental/arduino/test_arduino_module.py:125: AssertionError
dimos.experimental.arduino.test_arduino_module::test_resolve_topics_accepts_typed_lcm_channels

Flake rate in main: 100.00% (Passed 0 times, Failed 2 times)

Stack Traces | 0.094s run time
def test_resolve_topics_accepts_typed_lcm_channels() -> None:
        mod = _with_topics(_make_module(), {"twist_in": "twist_command#geometry_msgs.Twist"})
>       assert mod._resolve_topics() == {"twist_in": "twist_command#geometry_msgs.Twist"}
E       AssertionError: assert {} == {'twist_in': ...y_msgs.Twist'}
E         
E         Right contains 1 more item:
E         #x1B[0m{#x1B[33m'#x1B[39;49;00m#x1B[33mtwist_in#x1B[39;49;00m#x1B[33m'#x1B[39;49;00m: #x1B[33m'#x1B[39;49;00m#x1B[33mtwist_command#geometry_msgs.Twist#x1B[39;49;00m#x1B[33m'#x1B[39;49;00m}#x1B[90m#x1B[39;49;00m
E         
E         Full diff:
E         #x1B[0m#x1B[92m+ {}#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m- {#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m-     'twist_in': 'twist_command#geometry_msgs.Twist',#x1B[39;49;00m#x1B[90m#x1B[39;49;00m
E         #x1B[91m- }#x1B[39;49;00m#x1B[90m#x1B[39;49;00m

mod        = <dimos.experimental.arduino.test_arduino_module._ExampleModule object at 0xff0a2db8dac0>

.../experimental/arduino/test_arduino_module.py:410: AssertionError
dimos.experimental.arduino.test_arduino_module::test_resolve_topics_rejects_bare_channel_names

Flake rate in main: 100.00% (Passed 0 times, Failed 2 times)

Stack Traces | 0.094s run time
def test_resolve_topics_rejects_bare_channel_names() -> None:
        mod = _with_topics(_make_module(), {"twist_in": "twist_command"})
>       with pytest.raises(RuntimeError, match="'#msg_type' suffix"):
E       Failed: DID NOT RAISE <class 'RuntimeError'>

mod        = <dimos.experimental.arduino.test_arduino_module._ExampleModule object at 0xff0a2dbaa810>

.../experimental/arduino/test_arduino_module.py:415: Failed

To view more test analytics, go to the Test Analytics Dashboard
📋 Got 3 mins? Take this short survey to help us improve Test Analytics.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants