Title: fix(bot): bump the dependencies group across 1 directory with 4 updates by dependabot[bot] · Pull Request #169 · Typeform/.github · GitHub
Open Graph Title: fix(bot): bump the dependencies group across 1 directory with 4 updates by dependabot[bot] · Pull Request #169 · Typeform/.github
X Title: fix(bot): bump the dependencies group across 1 directory with 4 updates by dependabot[bot] · Pull Request #169 · Typeform/.github
Description: Bumps the dependencies group with 4 updates in the / directory: actions/checkout, actions/upload-artifact, actions/download-artifact and SonarSource/sonarqube-scan-action.
Updates actions/checkout from 4 to 6
Release notes
Sourced from actions/checkout's releases.
v6.0.0
What's Changed
Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248
Persist creds to a separate file by @ericsciple in actions/checkout#2286
v6-beta by @ericsciple in actions/checkout#2298
update readme/changelog for v6 by @ericsciple in actions/checkout#2311
Full Changelog: actions/checkout@v5.0.0...v6.0.0
v6-beta
What's Changed
Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.
This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.
v5.0.1
What's Changed
Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301
Full Changelog: actions/checkout@v5...v5.0.1
v5.0.0
What's Changed
Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226
Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238
⚠️ Minimum Compatible Runner Version
v2.327.1
Release Notes
Make sure your runner is updated to this version or newer to use this release.
Full Changelog: actions/checkout@v4...v5.0.0
v4.3.1
What's Changed
Port v6 cleanup to v4 by @ericsciple in actions/checkout#2305
Full Changelog: actions/checkout@v4...v4.3.1
v4.3.0
What's Changed
docs: update README.md by @motss in actions/checkout#1971
Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977
Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043
... (truncated)
Changelog
Sourced from actions/checkout's changelog.
Changelog
v6.0.0
Persist creds to a separate file by @ericsciple in actions/checkout#2286
Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248
v5.0.1
Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301
v5.0.0
Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226
v4.3.1
Port v6 cleanup to v4 by @ericsciple in actions/checkout#2305
v4.3.0
docs: update README.md by @motss in actions/checkout#1971
Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977
Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043
Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044
Update README.md by @nebuk89 in actions/checkout#2194
Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224
Update package dependencies by @salmanmkc in actions/checkout#2236
v4.2.2
url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941
Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946
v4.2.1
Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924
v4.2.0
Add Ref and Commit outputs by @lucacome in actions/checkout#1180
Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872
v4.1.7
Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739
Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697
Check out other refs/* by commit by @orhantoy in actions/checkout#1774
Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776
v4.1.6
Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732
v4.1.5
Update NPM dependencies by @cory-miller in actions/checkout#1703
Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694
Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696
Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695
... (truncated)
Commits
8e8c483 Clarify v6 README (#2328)
033fa0d Add worktree support for persist-credentials includeIf (#2327)
c2d88d3 Update all references from v5 and v4 to v6 (#2314)
1af3b93 update readme/changelog for v6 (#2311)
71cf226 v6-beta (#2298)
069c695 Persist creds to a separate file (#2286)
ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
See full diff in compare view
Updates actions/upload-artifact from 4 to 5
Release notes
Sourced from actions/upload-artifact's releases.
v5.0.0
What's Changed
BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.
Update README.md by @GhadimiR in actions/upload-artifact#681
Update README.md by @nebuk89 in actions/upload-artifact#712
Readme: spell out the first use of GHES by @danwkennedy in actions/upload-artifact#727
Update GHES guidance to include reference to Node 20 version by @patrikpolyak in actions/upload-artifact#725
Bump @actions/artifact to v4.0.0
Prepare v5.0.0 by @danwkennedy in actions/upload-artifact#734
New Contributors
@GhadimiR made their first contribution in actions/upload-artifact#681
@nebuk89 made their first contribution in actions/upload-artifact#712
@danwkennedy made their first contribution in actions/upload-artifact#727
@patrikpolyak made their first contribution in actions/upload-artifact#725
Full Changelog: actions/upload-artifact@v4...v5.0.0
v4.6.2
What's Changed
Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @salmanmkc in actions/upload-artifact#685
New Contributors
@salmanmkc made their first contribution in actions/upload-artifact#685
Full Changelog: actions/upload-artifact@v4...v4.6.2
v4.6.1
What's Changed
Update to use artifact 2.2.2 package by @yacaovsnc in actions/upload-artifact#673
Full Changelog: actions/upload-artifact@v4...v4.6.1
v4.6.0
What's Changed
Expose env vars to control concurrency and timeout by @yacaovsnc in actions/upload-artifact#662
Full Changelog: actions/upload-artifact@v4...v4.6.0
v4.5.0
What's Changed
fix: deprecated Node.js version in action by @hamirmahal in actions/upload-artifact#578
Add new artifact-digest output by @bdehamer in actions/upload-artifact#656
New Contributors
@hamirmahal made their first contribution in actions/upload-artifact#578
... (truncated)
Commits
330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
03f2824 Update github.dep.yml
905a1ec Prepare v5.0.0
2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
9687587 Merge branch 'main' into patch-1
2848b2c Merge pull request #727 from danwkennedy/patch-1
9b51177 Spell out the first use of GHES
cd231ca Update GHES guidance to include reference to Node 20 version
de65e23 Merge pull request #712 from actions/nebuk89-patch-1
8747d8c Update README.md
Additional commits viewable in compare view
Updates actions/download-artifact from 4 to 6
Release notes
Sourced from actions/download-artifact's releases.
v6.0.0
What's Changed
BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.
Update README for download-artifact v5 changes by @yacaovsnc in actions/download-artifact#417
Update README with artifact extraction details by @yacaovsnc in actions/download-artifact#424
Readme: spell out the first use of GHES by @danwkennedy in actions/download-artifact#431
Bump @actions/artifact to v4.0.0
Prepare v6.0.0 by @danwkennedy in actions/download-artifact#438
New Contributors
@danwkennedy made their first contribution in actions/download-artifact#431
Full Changelog: actions/download-artifact@v5...v6.0.0
v5.0.0
What's Changed
Update README.md by @nebuk89 in actions/download-artifact#407
BREAKING fix: inconsistent path behavior for single artifact downloads by ID by @GrantBirki in actions/download-artifact#416
v5.0.0
🚨 Breaking Change
This release fixes an inconsistency in path behavior for single artifact downloads by ID. If you're downloading single artifacts by ID, the output path may change.
What Changed
Previously, single artifact downloads behaved differently depending on how you specified the artifact:
By name: name: my-artifact → extracted to path/ (direct)
By ID: artifact-ids: 12345 → extracted to path/my-artifact/ (nested)
Now both methods are consistent:
By name: name: my-artifact → extracted to path/ (unchanged)
By ID: artifact-ids: 12345 → extracted to path/ (fixed - now direct)
Migration Guide
✅ No Action Needed If:
You download artifacts by name
You download multiple artifacts by ID
You already use merge-multiple: true as a workaround
⚠️ Action Required If:
You download single artifacts by ID and your workflows expect the nested directory structure.
... (truncated)
Commits
018cc2c Merge pull request #438 from actions/danwkennedy/prepare-6.0.0
815651c Revert "Remove github.dep.yml"
bb3a066 Remove github.dep.yml
fa1ce46 Prepare v6.0.0
4a24838 Merge pull request #431 from danwkennedy/patch-1
5e3251c Readme: spell out the first use of GHES
abefc31 Merge pull request #424 from actions/yacaovsnc/update_readme
ac43a60 Update README with artifact extraction details
de96f46 Merge pull request #417 from actions/yacaovsnc/update_readme
7993cb4 Remove migration guide for artifact download changes
Additional commits viewable in compare view
Updates SonarSource/sonarqube-scan-action from 6 to 7
Release notes
Sourced from SonarSource/sonarqube-scan-action's releases.
v7.0.0
What's Changed
SQSCANGHA-120 NO-JIRA Bump actions/setup-node from 4 to 5 by @dependabot[bot] in SonarSource/sonarqube-scan-action#211
Update SonarScanner CLI to 7.3.0.5189 by @github-actions[bot] in SonarSource/sonarqube-scan-action#212
SQSCANGHA-122 Include caveats for running SCA by @subdavis in SonarSource/sonarqube-scan-action#213
SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 by @dependabot[bot] in SonarSource/sonarqube-scan-action#214
SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 by @github-actions[bot] in SonarSource/sonarqube-scan-action#218
New Contributors
@subdavis made their first contribution in SonarSource/sonarqube-scan-action#213
Full Changelog: SonarSource/sonarqube-scan-action@v6.0.0...v7.0.0
Commits
a31c939 SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218)
40f5b61 SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214)
9bf7c12 SQSCANGHA-122 Include caveats for running SCA (#213)
ba6563c Update SonarScanner CLI to 7.3.0.5189 (#212)
5ffbad4 SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211)
See full diff in compare view
You can trigger a rebase of this PR by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show
Open Graph Description: Bumps the dependencies group with 4 updates in the / directory: actions/checkout, actions/upload-artifact, actions/download-artifact and SonarSource/sonarqube-scan-action. Updates actions/checkout ...
X Description: Bumps the dependencies group with 4 updates in the / directory: actions/checkout, actions/upload-artifact, actions/download-artifact and SonarSource/sonarqube-scan-action. Updates actions/checkout ...
Opengraph URL: https://github.com/Typeform/.github/pull/169
X: @github
Domain: patch-diff.githubusercontent.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:1e86b09a-417d-9af8-1d0b-afb0f526ffb4 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | CA00:19115:1690294:1D7D815:6992AFBC |
| html-safe-nonce | 4738f6d425e8384c7b9a0945e8f96561078fee6480a31f51a4c291fd4097bb38 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDQTAwOjE5MTE1OjE2OTAyOTQ6MUQ3RDgxNTo2OTkyQUZCQyIsInZpc2l0b3JfaWQiOiIyNTIyNTk5MzIwMjQwNDM1MTMyIiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0= |
| visitor-hmac | 9a57d0032300203c39171add0c634d1499d8af5d57ff913eef7266796c6d54e5 |
| hovercard-subject-tag | pull_request:3093662249 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/Typeform/.github/pull/169/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps the dependencies group with 4 updates in the / directory: actions/checkout, actions/upload-artifact, actions/download-artifact and SonarSource/sonarqube-scan-action. Updates actions/checkout ... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 42c603b9d642c4a9065a51770f75e5e27132fef0e858607f5c9cb7e422831a7b |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/Typeform/.github git https://github.com/Typeform/.github.git |
| octolytics-dimension-user_id | 1652745 |
| octolytics-dimension-user_login | Typeform |
| octolytics-dimension-repository_id | 329574814 |
| octolytics-dimension-repository_nwo | Typeform/.github |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 329574814 |
| octolytics-dimension-repository_network_root_nwo | Typeform/.github |
| turbo-body-classes | logged-out env-production page-responsive full-width |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 848bc6032dcc93a9a7301dcc3f379a72ba13b96e |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width