Bump the minor-patch group across 1 directory with 3 updates

[dependabot]

Bumps the minor-patch group with 3 updates in the / directory: actions/setup-go, azure/setup-helm and actions/attest-build-provenance.

Updates actions/setup-go from 6.4.0 to 6.5.0

Release notes

Sourced from actions/setup-go's releases.

v6.5.0

What's Changed

Dependency update

• Upgrade actions dependencies by @​priyagupta108 with @​Copilot in actions/setup-go#744
• Upgrade @​types/node and typescript-eslint dependencies to resolve npm audit findings by @​HarithaVattikuti in actions/setup-go#755
• Upgrade @​actions/cache to 5.1.0, log cache write denied by @​jasongin in actions/setup-go#758
• Upgrade version to 6.5.0 in package.json and package-lock.json by @​HarithaVattikuti in actions/setup-go#762

New Contributors

• @​priyagupta108 with @​Copilot made their first contribution in actions/setup-go#744
• @​jasongin made their first contribution in actions/setup-go#758

Full Changelog: actions/setup-go@v6...v6.5.0

Commits

• 924ae3a chore: bump version to 6.5.0 in package.json and package-lock.json (#762)
• e91cc3b Bump @​actions/cache to 5.1.0, log cache write denied (#758)
• 4a2405e chore: update @​types/node and @​typescript-eslint dependencies to latest versi...
• 78961f6 chore: update @​actions dependencies and refresh license cache (#744)
• See full diff in compare view

Updates azure/setup-helm from 5.0.0 to 5.0.1

Release notes

Sourced from azure/setup-helm's releases.

v5.0.1

Fixed

• #271 Fix TypeScript 6.0 compatibility errors in run.ts
• #278 fix: use chmod 755 instead of 777 for downloaded helm binary and folder

Changed

• #286 Bump actions/checkout from 6.0.3 to 7.0.0 in /.github/workflows in the actions group
• #285 Bump the actions group with 2 updates
• #284 Bump undici
• #283 Bump the actions group with 5 updates
• #280 Bump actions/checkout from 6.0.2 to 6.0.3 in /.github/workflows in the actions group
• #279 Bump the actions group with 2 updates
• #277 Bump vitest from 4.1.7 to 4.1.8 in the actions group
• #276 chore: remove deprecated OliverMKing release workflow, pin to SHA
• #275 Bump actions/stale from 10.2.0 to 10.3.0 in /.github/workflows in the actions group
• #274 Bump the actions group with 3 updates
• #273 Bump the actions group with 2 updates
• #269 Bump the actions group across 1 directory with 7 updates
• #268 Bump vite from 8.0.0 to 8.0.5
• #260 Migrate to ESM with esbuild/vitest and upgrade to node24 (v5.0.0)

Changelog

Sourced from azure/setup-helm's changelog.

Change Log

[5.0.1] - 2026-06-23

Fixed

• #271 Fix TypeScript 6.0 compatibility errors in run.ts
• #278 fix: use chmod 755 instead of 777 for downloaded helm binary and folder

Changed

• #286 Bump actions/checkout from 6.0.3 to 7.0.0 in /.github/workflows in the actions group
• #285 Bump the actions group with 2 updates
• #284 Bump undici
• #283 Bump the actions group with 5 updates
• #280 Bump actions/checkout from 6.0.2 to 6.0.3 in /.github/workflows in the actions group
• #279 Bump the actions group with 2 updates
• #277 Bump vitest from 4.1.7 to 4.1.8 in the actions group
• #276 chore: remove deprecated OliverMKing release workflow, pin to SHA
• #275 Bump actions/stale from 10.2.0 to 10.3.0 in /.github/workflows in the actions group
• #274 Bump the actions group with 3 updates
• #273 Bump the actions group with 2 updates
• #269 Bump the actions group across 1 directory with 7 updates
• #268 Bump vite from 8.0.0 to 8.0.5
• #260 Migrate to ESM with esbuild/vitest and upgrade to node24 (v5.0.0)

[5.0.0] - 2026-03-23

Changed

• #259 Update Node.js runtime from node20 to node24
• #263 Bump undici
• #257 Bump undici and @​actions/http-client
• #256 Bump minimatch
• #248 Bump the actions group with 2 updates
• #247 Bump the actions group with 3 updates
• #246 Bump @​types/node from 25.0.2 to 25.0.3 in the actions group
• #245 Bump the actions group with 3 updates
• #243 Bump the actions group with 2 updates
• #240 Bump prettier from 3.6.2 to 3.7.3 in the actions group
• #229 Bump the actions group across 1 directory with 3 updates
• #231 Bump js-yaml from 3.14.1 to 3.14.2
• #234 Bump glob from 10.4.5 to 10.5.0
• #225 Fix build error
• #222 Bump @​types/node from 24.7.2 to 24.8.1 in the actions group
• #220 Bump the actions group across 1 directory with 4 updates
• #216 Bump the actions group across 1 directory with 4 updates
• #213 Bump the actions group with 2 updates
• #211 Bump undici
• #212 Bump jest from 30.0.5 to 30.1.2 in the actions group

... (truncated)

Commits

• 9bc31f4 build
• 95ecf49 Bump version to 5.0.1 and update CHANGELOG with recent changes (#287)
• 4180b1c Bump the actions group with 2 updates (#285)
• 6949b7f Bump undici (#284)
• 51ce767 Bump actions/checkout in /.github/workflows in the actions group (#286)
• d6da4f4 Bump the actions group with 5 updates (#283)
• 7e2bc10 Bump actions/checkout in /.github/workflows in the actions group (#280)
• 64d6be9 Bump the actions group with 2 updates (#279)
• 69214f9 fix: use chmod 755 instead of 777 for downloaded helm binary and folder (#278)
• 9dad99f Bump vitest from 4.1.7 to 4.1.8 in the actions group (#277)
• Additional commits viewable in compare view

Updates actions/attest-build-provenance from 4.1.0 to 4.1.1

Release notes

Sourced from actions/attest-build-provenance's releases.

v4.1.1

[!NOTE] As of version 4, actions/attest-build-provenance is simply a wrapper on top of actions/attest.

Existing applications may continue to use the attest-build-provenance action, but new implementations should use actions/attest instead.

What's Changed

• Update actions/attest to v4.1.1 by @​bdehamer in actions/attest-build-provenance#858

Full Changelog: actions/attest-build-provenance@v4.1.0...v4.1.1

Commits

• 0f67c3f Bump actions/checkout from 6.0.3 to 7.0.0 (#857)
• 21b787d Update actions/attest to v4.1.1 (#858)
• f14352a add dependabot cooldown (#851)
• 2c04a00 Bump actions/checkout from 6.0.2 to 6.0.3 in the actions-minor group (#850)
• 10334b5 remove badges from README (#840)
• c5efebd remove prober workflows (#837)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions