chore(deps): bump the github-actions group across 1 directory with 7 updates #50410

dependabot · 2025-01-24T18:56:15Z

Bumps the github-actions group with 7 updates in the / directory:

Package	From	To
shivammathur/setup-php	`2.31.1`	`2.32.0`
actions/setup-node	`4.0.4`	`4.1.0`
cypress-io/github-action	`6.7.7`	`6.7.10`
actions/upload-artifact	`4.4.3`	`4.6.0`
codecov/codecov-action	`5.0.7`	`5.3.1`
peter-evans/create-pull-request	`7.0.5`	`7.0.6`
marcelklehr/get-github-handles-from-website-action	`1.0.0`	`1.0.1`

Updates shivammathur/setup-php from 2.31.1 to 2.32.0

Release notes

Sourced from shivammathur/setup-php's releases.

2.32.0

Changelog

Added support for PHP 8.4 as the default stable PHP version.
- name: Setup PHP
  uses: shivammathur/setup-php@v2
Added support for PHP 8.5 as the nightly version. (#867)
- name: Setup PHP
  uses: shivammathur/setup-php@v2
  with:
    php-version: '8.5'
Added support for pre-installed in php-version input. (#872) It will setup the pre-installed PHP version on the runner as per the docs here https://github.com/shivammathur/setup-php?tab=readme-ov-file#github-hosted-runners. If the runner does not have a pre-installed PHP version, it will fail. Please note: It is not recommended to use this unless you are doing something trivial, the pre-installed PHP versions on GitHub hosted runners are old patch versions.
- name: Setup PHP
  uses: shivammathur/setup-php@v2
  with:
    php-version: pre-installed
Added support for .tool-versions file format in php-version-file input. (#883) If you have an asdf .tool-versions file in your project. For example, you can specify .tool-versions now in the php-version-file input and the action would setup the correct PHP version.
ruby 3.4
php 8.4
nodejs 23.5
- name: Setup PHP
  uses: shivammathur/setup-php@v2
  with:
    php-version-file: .tool-versions
Added support for to specify the path for composer file in the project to read the PHP version using COMPOSER_PROJECT_DIR env value. (#894)
- name: Setup PHP
  uses: shivammathur/setup-php@v2
  env:
</tr></table> 

... (truncated)

Commits

9e72090 Fix composer-dependency-analyser packagist repository
34b79ca Improve docs for php-version-file input
e5af5d6 Update default version in linux.sh and darwin.sh
ba21a89 Pass prefix options to make in source.sh
12b88cf Fix building pdo_firebird on macOS with clang 15
cffd8ca Fix libssl link in couchbase [skip ci]
85ed51c Fix support for zephir_parser
5bb2eed Fix oci extension support on Windows for PHP 8.4 and above
96fb539 Bump node dependencies
775fa76 Do not upgrade when version is pre-installed on macOS
Additional commits viewable in compare view

Updates actions/setup-node from 4.0.4 to 4.1.0

Release notes

Sourced from actions/setup-node's releases.

v4.1.0

What's Changed

Resolve High Security Alerts by upgrading Dependencies by @aparnajyothi-y in actions/setup-node#1132

Upgrade IA Publish by @Jcambass in actions/setup-node#1134

Revise isGhes logic by @jww3 in actions/setup-node#1148

Add architecture to cache key by @pengx17 in actions/setup-node#843 This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts. Note: This change may break previous cache keys as they will no longer be compatible with the new format.

New Contributors

@jww3 made their first contribution in actions/setup-node#1148

@pengx17 made their first contribution in actions/setup-node#843

Full Changelog: actions/setup-node@v4...v4.1.0

Commits

39370e3 fix: add arch to cached path (#843)
abb238b Revise isGhes logic (#1148)
aca7b64 Merge pull request #1134 from actions/Jcambass-patch-1
88de2a3 Resolve High Security Alerts by upgrading Dependencies (#1132)
d6ebc7b Upgrade IA Publish
See full diff in compare view

Updates cypress-io/github-action from 6.7.7 to 6.7.10

Release notes

Sourced from cypress-io/github-action's releases.

v6.7.10

6.7.10 (2025-01-23)

Bug Fixes

deps: update undici to 5.28.5 (#1348) (433264a)

v6.7.9

6.7.9 (2025-01-16)

Bug Fixes

deps: update @actions/cache to 4.0.0 (#1342) (b86ab8d)

v6.7.8

6.7.8 (2024-12-09)

Bug Fixes

deps: update debug to 4.4.0 (#1329) (6436c09)

Commits

7271bed test(deps): update vite to 6.0.11 in examples (#1347)
433264a fix(deps): update undici to 5.28.5 (#1348)
61a39d7 test(deps): update examples/component-tests to vite 6.0.8 (#1346)
119099f chore(deps): update cypress to 14.0.0 (#1343)
b86ab8d fix(deps): update @actions/cache to 4.0.0 (#1342)
4b9ec6b test(deps): update examples to pnpm 10 (#1339)
9c49190 chore(deps): update dependency @types/node to v22.10.5 (#1337)
6bd027c test(deps): mitigate vulnerabilities in examples (#1334)
f541cf2 chore(deps): update cypress to 13.17.0 (#1332)
34ec0a6 chore(deps): update dependency @types/node to v22.10.2 (#1331)
Additional commits viewable in compare view

Updates actions/upload-artifact from 4.4.3 to 4.6.0

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.0

What's Changed

Expose env vars to control concurrency and timeout by @yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

fix: deprecated Node.js version in action by @hamirmahal in actions/upload-artifact#578

Add new artifact-digest output by @bdehamer in actions/upload-artifact#656

New Contributors

@hamirmahal made their first contribution in actions/upload-artifact#578

@bdehamer made their first contribution in actions/upload-artifact#656

Full Changelog: actions/upload-artifact@v4.4.3...v4.5.0

Commits

65c4c4a Merge pull request #662 from actions/yacaovsnc/add_variable_for_concurrency_a...
0207619 move files back to satisfy licensed ci
1ecca81 licensed cache updates
9742269 Expose env vars to controll concurrency and timeout
6f51ac0 Merge pull request #656 from bdehamer/bdehamer/artifact-digest
c40c16d add new artifact-digest output
735efb4 bump @actions/artifact from 2.1.11 to 2.2.0
184d73b Merge pull request #578 from hamirmahal/fix/deprecated-nodejs-usage-in-action
b4a0a98 Merge branch 'main' into fix/deprecated-nodejs-usage-in-action
See full diff in compare view

Updates codecov/codecov-action from 5.0.7 to 5.3.1

Release notes

Sourced from codecov/codecov-action's releases.

v5.3.1

What's Changed

fix: add docs and copy over dist by @thomasrockhu-codecov in codecov/codecov-action#1752

Full Changelog: codecov/codecov-action@v5.3.0...v5.3.1

v5.3.0

What's Changed

Update README with reqs by @thomasrockhu-codecov in codecov/codecov-action#1749

chore(release): wrapper -0.1.0 by @codecov-releaser-app in codecov/codecov-action#1750

chore(release): 5.3.0 by @thomasrockhu-codecov in codecov/codecov-action#1751

Full Changelog: codecov/codecov-action@v5.2.0...v5.3.0

v5.2.0

What's Changed

fix: remove erroneous linebreak in readme by @Vampire in codecov/codecov-action#1734

feat: add disable-telem feature by @thomasrockhu-codecov in codecov/codecov-action#1739

chore(deps): bump wrapper to 0.0.32 by @thomasrockhu-codecov in codecov/codecov-action#1740

build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by @dependabot in codecov/codecov-action#1743

build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 by @dependabot in codecov/codecov-action#1742

use correct audience when requesting oidc token by @juho9000 in codecov/codecov-action#1744

Th/add commands by @thomasrockhu-codecov in codecov/codecov-action#1745

Fix typo in README by @tserg in codecov/codecov-action#1747

chore(release): bump to 5.2.0 by @thomasrockhu-codecov in codecov/codecov-action#1748

New Contributors

@Vampire made their first contribution in codecov/codecov-action#1734

@juho9000 made their first contribution in codecov/codecov-action#1744

@tserg made their first contribution in codecov/codecov-action#1747

Full Changelog: codecov/codecov-action@v5.1.2...v5.2.0

v5.1.2

What's Changed

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @dependabot in codecov/codecov-action#1717

Remove mistake from options table by @Acconut in codecov/codecov-action#1718

build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @dependabot in codecov/codecov-action#1722

Put quotes around ${{ inputs.token }} in action.yml by @jwodder in codecov/codecov-action#1721

chore(release): wrapper-0.0.31 by @codecov-releaser-app in codecov/codecov-action#1723

fix: prevent oidc on tokenless due to permissioning by @thomasrockhu-codecov in codecov/codecov-action#1724

fix: update action script by @thomasrockhu-codecov in codecov/codecov-action#1725

fix: update statment by @thomasrockhu-codecov in codecov/codecov-action#1726

chore(release): 5.1.2 by @thomasrockhu-codecov in codecov/codecov-action#1727

New Contributors

@Acconut made their first contribution in codecov/codecov-action#1718

... (truncated)

Commits

13ce06b chore(release): bump to 5.3.1
3e26040 fix: add docs and copy over dist (#1752)
0da7aa6 chore(release): 5.3.0 (#1751)
1ca7ce6 chore(release): wrapper -0.1.0 (#1750)
65baa5f Update README with reqs (#1749)
5a605bd chore(release): bump to 5.2.0 (#1748)
5825942 Fix typo in README (#1747)
b1a6383 Th/add commands (#1745)
6c5b693 use correct audience when requesting oidc token (#1744)
ad45165 build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 (#1742)
Additional commits viewable in compare view

Updates peter-evans/create-pull-request from 7.0.5 to 7.0.6

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v7.0.6

⚙️ Fixes an issue with commit signing where unicode characters in file paths were not preserved.

What's Changed

build(deps-dev): bump @vercel/ncc from 0.38.1 to 0.38.2 by @dependabot in peter-evans/create-pull-request#3365

Update distribution by @actions-bot in peter-evans/create-pull-request#3370

build(deps): bump @octokit/plugin-rest-endpoint-methods from 13.2.4 to 13.2.5 by @dependabot in peter-evans/create-pull-request#3375

build(deps-dev): bump @types/node from 18.19.50 to 18.19.54 by @dependabot in peter-evans/create-pull-request#3376

build(deps): bump @octokit/plugin-paginate-rest from 11.3.3 to 11.3.5 by @dependabot in peter-evans/create-pull-request#3377

Update distribution by @actions-bot in peter-evans/create-pull-request#3388

build(deps-dev): bump @types/node from 18.19.54 to 18.19.55 by @dependabot in peter-evans/create-pull-request#3400

build(deps): bump @actions/core from 1.10.1 to 1.11.1 by @dependabot in peter-evans/create-pull-request#3401

build(deps): bump @octokit/plugin-rest-endpoint-methods from 13.2.5 to 13.2.6 by @dependabot in peter-evans/create-pull-request#3403

build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 by @dependabot in peter-evans/create-pull-request#3402

build(deps): bump @octokit/plugin-throttling from 9.3.1 to 9.3.2 by @dependabot in peter-evans/create-pull-request#3404

Update distribution by @actions-bot in peter-evans/create-pull-request#3423

build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by @dependabot in peter-evans/create-pull-request#3441

build(deps): bump undici from 6.19.8 to 6.20.1 by @dependabot in peter-evans/create-pull-request#3442

Update distribution by @actions-bot in peter-evans/create-pull-request#3451

build(deps-dev): bump @types/node from 18.19.55 to 18.19.58 by @dependabot in peter-evans/create-pull-request#3457

build(deps-dev): bump @types/jest from 29.5.13 to 29.5.14 by @dependabot in peter-evans/create-pull-request#3462

build(deps-dev): bump @types/node from 18.19.58 to 18.19.60 by @dependabot in peter-evans/create-pull-request#3463

chore: don't bundle undici by @benmccann in peter-evans/create-pull-request#3475

Update distribution by @actions-bot in peter-evans/create-pull-request#3478

chore: use node-fetch-native support for proxy env vars by @peter-evans in peter-evans/create-pull-request#3483

build(deps-dev): bump @types/node from 18.19.60 to 18.19.64 by @dependabot in peter-evans/create-pull-request#3488

build(deps-dev): bump undici from 6.20.1 to 6.21.0 by @dependabot in peter-evans/create-pull-request#3499

build(deps-dev): bump @vercel/ncc from 0.38.2 to 0.38.3 by @dependabot in peter-evans/create-pull-request#3500

docs: note push-to-repo classic PAT workflow scope requirement by @scop in peter-evans/create-pull-request#3511

docs: spelling fixes by @scop in peter-evans/create-pull-request#3512

build(deps-dev): bump typescript from 5.6.3 to 5.7.2 by @dependabot in peter-evans/create-pull-request#3516

build(deps-dev): bump prettier from 3.3.3 to 3.4.0 by @dependabot in peter-evans/create-pull-request#3517

build(deps-dev): bump @types/node from 18.19.64 to 18.19.66 by @dependabot in peter-evans/create-pull-request#3518

docs(README): clarify that an existing open PR is managed by @caugner in peter-evans/create-pull-request#3498

Update distribution by @actions-bot in peter-evans/create-pull-request#3529

build(deps): bump @octokit/plugin-paginate-rest from 11.3.5 to 11.3.6 by @dependabot in peter-evans/create-pull-request#3542

build(deps-dev): bump @types/node from 18.19.66 to 18.19.67 by @dependabot in peter-evans/create-pull-request#3543

build(deps-dev): bump prettier from 3.4.0 to 3.4.1 by @dependabot in peter-evans/create-pull-request#3544

build(deps-dev): bump eslint-import-resolver-typescript from 3.6.3 to 3.7.0 by @dependabot in peter-evans/create-pull-request#3559

build(deps-dev): bump prettier from 3.4.1 to 3.4.2 by @dependabot in peter-evans/create-pull-request#3560

build(deps-dev): bump @types/node from 18.19.67 to 18.19.68 by @dependabot in peter-evans/create-pull-request#3570

build(deps): bump p-limit from 6.1.0 to 6.2.0 by @dependabot in peter-evans/create-pull-request#3578

Update distribution by @actions-bot in peter-evans/create-pull-request#3583

fix: preserve unicode in filepaths when commit signing by @peter-evans in peter-evans/create-pull-request#3588

New Contributors

@benmccann made their first contribution in peter-evans/create-pull-request#3475

@scop made their first contribution in peter-evans/create-pull-request#3511

@caugner made their first contribution in peter-evans/create-pull-request#3498

... (truncated)

Commits

67ccf78 fix: preserve unicode in filepaths when commit signing (#3588)
bb88e27 build: update distribution (#3583)
b378ed5 build(deps): bump p-limit from 6.1.0 to 6.2.0 (#3578)
fa9200e build(deps-dev): bump @types/node from 18.19.67 to 18.19.68 (#3570)
16e0059 build(deps-dev): bump prettier from 3.4.1 to 3.4.2 (#3560)
5bffd5a build(deps-dev): bump eslint-import-resolver-typescript (#3559)
a22a0dd build(deps-dev): bump prettier from 3.4.0 to 3.4.1 (#3544)
b27ce37 build(deps-dev): bump @types/node from 18.19.66 to 18.19.67 (#3543)
4e0cc19 build(deps): bump @octokit/plugin-paginate-rest from 11.3.5 to 11.3.6 (#3542)
25b6871 docs: update scopes for push-to-fork
Additional commits viewable in compare view

Updates marcelklehr/get-github-handles-from-website-action from 1.0.0 to 1.0.1

Release notes

Sourced from marcelklehr/get-github-handles-from-website-action's releases.

v1.0.1

Fixed

Fix regex

Commits

06b2239 v1.0.1
0f4b445 fix(regex): Don't include final slashes
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…updates Bumps the github-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [shivammathur/setup-php](https://github.com/shivammathur/setup-php) | `2.31.1` | `2.32.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.4` | `4.1.0` | | [cypress-io/github-action](https://github.com/cypress-io/github-action) | `6.7.7` | `6.7.10` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `4.6.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.0.7` | `5.3.1` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.5` | `7.0.6` | | [marcelklehr/get-github-handles-from-website-action](https://github.com/marcelklehr/get-github-handles-from-website-action) | `1.0.0` | `1.0.1` | Updates `shivammathur/setup-php` from 2.31.1 to 2.32.0 - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@c541c15...9e72090) Updates `actions/setup-node` from 4.0.4 to 4.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v4.0.4...39370e3) Updates `cypress-io/github-action` from 6.7.7 to 6.7.10 - [Release notes](https://github.com/cypress-io/github-action/releases) - [Changelog](https://github.com/cypress-io/github-action/blob/master/CHANGELOG.md) - [Commits](cypress-io/github-action@f1f0912...7271bed) Updates `actions/upload-artifact` from 4.4.3 to 4.6.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@b4b15b8...65c4c4a) Updates `codecov/codecov-action` from 5.0.7 to 5.3.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Commits](codecov/codecov-action@v5.0.7...v5.3.1) Updates `peter-evans/create-pull-request` from 7.0.5 to 7.0.6 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@5e91468...67ccf78) Updates `marcelklehr/get-github-handles-from-website-action` from 1.0.0 to 1.0.1 - [Release notes](https://github.com/marcelklehr/get-github-handles-from-website-action/releases) - [Commits](marcelklehr/get-github-handles-from-website-action@a739600...06b2239) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: cypress-io/github-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: marcelklehr/get-github-handles-from-website-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]>

AndyScherzinger

All 💚

dependabot bot added 3. to review Waiting for reviews feature: dependencies labels Jan 24, 2025

dependabot bot requested a review from a team January 24, 2025 18:56

dependabot bot mentioned this pull request Jan 24, 2025

chore(deps): bump the github-actions group with 7 updates #50352

Closed

github-actions bot approved these changes Jan 24, 2025

View reviewed changes

AndyScherzinger approved these changes Jan 24, 2025

View reviewed changes

AndyScherzinger merged commit 229aeff into master Jan 24, 2025
193 checks passed

AndyScherzinger deleted the dependabot/github_actions/github-actions-962ddf9a44 branch January 24, 2025 19:40

AndyScherzinger added this to the Nextcloud 32 milestone Jan 24, 2025

nextcloud-bot mentioned this pull request Aug 19, 2025

32.0.0 beta 1 #54502

Merged

skjnldsv modified the milestones: Nextcloud 32, Nextcloud 33 Sep 28, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore(deps): bump the github-actions group across 1 directory with 7 updates #50410

chore(deps): bump the github-actions group across 1 directory with 7 updates #50410

Uh oh!

dependabot bot commented on behalf of github Jan 24, 2025

Uh oh!

AndyScherzinger left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Uh oh!

chore(deps): bump the github-actions group across 1 directory with 7 updates #50410

chore(deps): bump the github-actions group across 1 directory with 7 updates #50410

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 24, 2025

2.32.0

Changelog

v4.1.0

What's Changed

New Contributors

v6.7.10

6.7.10 (2025-01-23)

Bug Fixes

v6.7.9

6.7.9 (2025-01-16)

Bug Fixes

v6.7.8

6.7.8 (2024-12-09)

Bug Fixes

v4.6.0

What's Changed

v4.5.0

What's Changed

New Contributors

v5.3.1

What's Changed

v5.3.0

What's Changed

v5.2.0

What's Changed

New Contributors

v5.1.2

What's Changed

New Contributors

Create Pull Request v7.0.6

What's Changed

New Contributors

v1.0.1

Fixed

Uh oh!

AndyScherzinger left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants